Route-target import/export

Here is what happening when we add a RT import statement in a VRF. Assume the MPLS-iBGP session is UP among the PE routers;

Once we entered a import RT, route-refresh message is sent to iBGP  neighbor(PE routers) and an update message is received from the neighbor. An import check is performed for all the routes obtained.

R5(config)#ip vrf one
R5(config-vrf)#
R5(config-vrf)#do show run | sec vrf
ip vrf one
rd 1:1
route-target export 1:1
route-target import 1:1
R5(config-vrf)#route-target import 100:102    <<< No routes are exported with 100:102 from the neighbors.
R5(config-vrf)#
*Mar  1 00:21:27.015: BGP: Mark 2.2.2.2 for VPNv4 REFRESH request
*Mar  1 00:21:27.019: vrf: Import cfg version incremented to 3; VRF one
*Mar  1 00:21:27.375: BGP: 2.2.2.2 sending REFRESH_REQ(5) for afi/safi: 1/128
*Mar  1 00:21:27.375: BGP: 2.2.2.2 send message type 5, length (incl. header) 23
*Mar  1 00:21:27.511: BGP(2): 2.2.2.2 rcvd UPDATE w/ attr: nexthop 2.2.2.2, origin ?, localpref 100, metric 0, extended community RT:100:101
*Mar  1 00:21:27.519: BGP(2): 2.2.2.2 rcvd 1:2:12.1.2.0/24 — DENIED due to:  extended community not supported;
*Mar  1 00:21:27.523: BGP(2): 2.2.2.2 rcvd UPDATE w/ attr: nexthop 2.2.2.2, origin ?, localpref 100, metric 0, extended community
RT:1:1 OSPF DOMAIN ID:0x0005:0x000000020200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:12.12.12.12:0
*Mar  1 00:21:27.535: BGP(2): 2.2.2.2 rcvd 1:1:12.1.1.0/24…duplicate ignored
R5(config-vrf)#
*Mar  1 00:21:29.483: BGP: Restarting the importing with zero import version
*Mar  1 00:21:29.483: BGP: Import walker start version 0, end version 11
*Mar  1 00:21:29.487: BGP: … start import cfg version = 3
*Mar  1 00:21:29.487: VPN: BGP nettable start scan for VPN one
*Mar  1 00:21:29.491: VPN: prescan: add VRF one; cfg change
*Mar  1 00:21:29.495: vpn: Start import processing for: 1:1:12.1.1.0
*Mar  1 00:21:29.495: vpn: Import check for one; flags cfgc, mtch, impt
*Mar  1 00:21:29.495: vpn(2): Import for one permitted; import flags cfgc, mtch, impt
*Mar  1 00:21:29.499: vpn: Same RD import for one
*Mar  1 00:21:29.499: vpn: 1:1:12.1.1.0 (ver 5), imported as:
*Mar  1 00:21:29.503: vpn: 1:1:12.1.1.0 (ver 5)
*Mar  1 00:21:29.507: vpn: Start import processing for: 1:1:13.1.2.0
*Mar  1 00:21:29.507: vpn: Import check for one; flags cfgc, mtch, impt
*Mar  1 00:21:29.507: vpn(2): Import for one permitted; import flags cfgc, mtch, impt
*Mar  1 00:21:29.507: vpn: Same RD i
R5(config-vrf)#mport for one
*Mar  1 00:21:29.507: vpn: 1:1:13.1.2.0 (ver 6), imported as:
*Mar  1 00:21:29.507: vpn: 1:1:13.1.2.0 (ver 6)
*Mar  1 00:21:29.507: vpn: Start import processing for: 1:1:192.168.2.0
*Mar  1 00:21:29.511: vpn: Import check for one; flags cfgc, mtch, impt
*Mar  1 00:21:29.511: vpn(2): Import for one permitted; import flags cfgc, mtch, impt
*Mar  1 00:21:29.511: vpn: Same RD import for one
*Mar  1 00:21:29.511: vpn: 1:1:192.168.2.0 (ver 7), imported as:
*Mar  1 00:21:29.511: vpn: 1:1:192.168.2.0 (ver 7)
*Mar  1 00:21:29.511: VPN: Scanning for import check is done.
<One of the PE routers is exporting with RT=100:101 / RD = 1:2>
R5(config)#ip vrf one
R5(config-vrf)#route-target import 100:101
R5(config-vrf)#
*Mar  1 00:32:29.995: VPN: Scanning for import check is done.
*Mar  1 00:32:31.139: BGP: Mark 2.2.2.2 for VPNv4 REFRESH request
*Mar  1 00:32:31.139: vrf: Import cfg version incremented to 4; VRF one
*Mar  1 00:32:31.355: BGP: 2.2.2.2 sending REFRESH_REQ(5) for afi/safi: 1/128
*Mar  1 00:32:31.355: BGP: 2.2.2.2 send message type 5, length (incl. header) 23
*Mar  1 00:32:31.463: BGP(2): 2.2.2.2 rcvd UPDATE w/ attr: nexthop 2.2.2.2, origin ?, localpref 100, metric 0, extended community RT:100:101
*Mar  1 00:32:31.467: BGP(2): 2.2.2.2 rcvd 1:2:12.1.2.0/24
*Mar  1 00:32:31.475: BGP(2): 2.2.2.2 rcvd UPDATE w/ attr: nexthop 2.2.2.2, origin ?, localpref 100, metric 0, extended community RT:1:1 OSPF DOMAIN ID:0x0005:0x000000020200
R5(config-vrf)# OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:12.12.12.12:0
*Mar  1 00:32:31.483: BGP(2): 2.2.2.2 rcvd 1:1:12.1.1.0/24…duplicate ignored
R5(config-vrf)#
*Mar  1 00:32:45.007: BGP: Import walker start version 11, end version 12
*Mar  1 00:32:45.011: BGP: … start import cfg version = 3
*Mar  1 00:32:45.011: vpn: Start import processing for: 1:2:12.1.2.0
*Mar  1 00:32:45.011: vpn: Import check for one; flags cfgc, mtch
*Mar  1 00:32:45.015: vpn(2): Import for one permitted; import flags cfgc, mtch
*Mar  1 00:32:45.019: BGP: Prefix 1:2:12.1.2.0/24 to be imported as 1:1:12.1.2.0/24 — Permitted
nexthop 2.2.2.2, origin ?, localpref 100, metric 0, extended community RT:100:101
*Mar  1 00:32:45.027: Path added
*Mar  1 00:32:45.031: vpn: 1:2:12.1.2.0 (ver 12), imported as:
*Mar  1 00:32:45.031: vpn: 1:1:12.1.2.0 (ver 13)
R5(config-vrf)#
*Mar  1 00:32:45.591: BGP(2): Revise route installing 1 of 1 routes for 12.1.2.0/24 -> 2.2.2.2(main) to one IP table
R5(config-vrf)#
*Mar  1 00:33:00.035: BGP: Import walker start version 12, end version 13
*Mar  1 00:33:00.035: BGP: … start import cfg version = 3
*Mar  1 00:33:00.039: BGP: Purge all the import paths generated from 1:1:12.1.2.0/24 – Imported path
R5(config-vrf)#
*Mar  1 00:33:30.079: BGP: Restarting the importing with zero import version
*Mar  1 00:33:30.079: BGP: Import walker start version 0, end version 13
*Mar  1 00:33:30.083: BGP: … start import cfg version = 4
*Mar  1 00:33:30.083: VPN: BGP nettable start scan for VPN one
*Mar  1 00:33:30.087: VPN: prescan: add VRF one; cfg change
*Mar  1 00:33:30.091: vpn: Start import processing for: 1:1:12.1.1.0
*Mar  1 00:33:30.091: vpn: Import check for one; flags cfgc, mtch, impt
*Mar  1 00:33:30.095: vpn(2): Import for one permitted; import flags cfgc, mtch, impt
*Mar  1 00:33:30.095: vpn: Same RD import for one
*Mar  1 00:33:30.095: vpn: 1:1:12.1.1.0 (ver 5), imported as:
*Mar  1 00:33:30.095: vpn: 1:1:12.1.1.0 (ver 5)
*Mar  1 00:33:30.095: BGP: Purge all the import paths generated from 1:1:12.1.2.0/24 – Imported path
*Mar  1 00:33:30.095: vpn: Start import processing for: 1:1:13.1.2.0
*Mar  1 00:33:30.095: vpn: Import check for one; flags cfgc, mtch, impt
*Mar  1 00:33:30.095:
R5(config-vrf)# vpn(2): Import for one permitted; import flags cfgc, mtch, impt
*Mar  1 00:33:30.095: vpn: Same RD import for one
*Mar  1 00:33:30.095: vpn: 1:1:13.1.2.0 (ver 6), imported as:
*Mar  1 00:33:30.095: vpn: 1:1:13.1.2.0 (ver 6)
*Mar  1 00:33:30.095: vpn: Start import processing for: 1:1:192.168.2.0
*Mar  1 00:33:30.095: vpn: Import check for one; flags cfgc, mtch, impt
*Mar  1 00:33:30.095: vpn(2): Import for one permitted; import flags cfgc, mtch, impt
*Mar  1 00:33:30.095: vpn: Same RD import for one
*Mar  1 00:33:30.095: vpn: 1:1:192.168.2.0 (ver 7), imported as:
*Mar  1 00:33:30.095: vpn: 1:1:192.168.2.0 (ver 7)
*Mar  1 00:33:30.099: vpn: Start import processing for: 1:2:12.1.2.0
*Mar  1 00:33:30.103: vpn: Import check for one; flags cfgc, mtch, impt
*Mar  1 00:33:30.103: vpn(2): Import for one permitted; import flags cfgc, mtch, impt
*Mar  1 00:33:30.103: BGP: Prefix 1:2:12.1.2.0/24 to be imported as 1:1:12.1.2.0/24 — Permitted
nexthop 2.2.2.2, origin ?, localpref 100
R5(config-vrf)#, metric 0, extended community RT:100:101
*Mar  1 00:33:30.103: Path exists — duplicate
*Mar  1 00:33:30.103: vpn: 1:2:12.1.2.0 (ver 12), imported as:
*Mar  1 00:33:30.103: vpn: 1:1:12.1.2.0 (ver 13)
*Mar  1 00:33:30.103: VPN: Scanning for import check is done.   <<<<Periodic import check.
R5(config-vrf)#
*Mar  1 00:34:30.127: VPN: Scanning for import check is done.
R5(config-vrf)#
*Mar  1 00:35:30.163: VPN: Scanning for import check is done.
R5(config-vrf)#
*Mar  1 00:36:30.211: VPN: Scanning for import check is done.
R5(config-vrf)#
Similar operation for export. LSR sends a BGP route-refresh message and the two neighbors  update their prefix using “Update” BGP message.
Advertisements
This entry was posted in mpls and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s