BGP Route Leaking Configuration Example

Owned by Tracy Yang (Unlicensed)
Apr 26, 2023
7 min read

This document illustrates dynamic route leaking between different VRFs. There are three switches in our example topology as shown in Figure 1. 


                                             Figure 1. Dynamic Route Leaking Example Topology

Topology Introduction

  • OSPFv2 is configured between devices R1 and R2. The interfaces connecting these two devices both belong to VRF1. 
  • BGP is configured between devices R2 and R3. The interfaces connecting these two devices both belong to the default VRF.
  • Dynamic route leaking using BGP is configured on R2.
  • On R2, BGP routes in the default VRF are leaked into VRF1. The BGP routes are then redistributed into OSPF in VRF1.
  • Similarly, on R2, BGP routes in VRF1 are leaked into the default VRF.
  • On R2, OSPF routes in VRF1 are redistributed into BGP.
  • Route map is used on R2 to demonstrate route filtering when leaking routes between the two VRFs.

Router Configuration

This section describes the configuration used on the three devices.


R1 Configuration 

Step 1. Configure physical interfaces, L3 VLAN interfaces and IP addressing.

root@R1# set interface gigabit-ethernet te-1/1/1 family ethernet-switching port-mode "trunk" 
root@R1# set interface gigabit-ethernet te-1/1/1 family ethernet-switching vlan members 11 
root@R1# set interface gigabit-ethernet te-1/1/10 family ethernet-switching port-mode "trunk" 
root@R1# set interface gigabit-ethernet te-1/1/10 family ethernet-switching vlan members 101 
root@R1# set l3-interface vlan-interface vlan101 address 101.101.101.1 prefix-length 24 
root@R1# set l3-interface vlan-interface vlan11 address 11.11.11.1 prefix-length 24 
root@R1# set vlans vlan-id 11 l3-interface "vlan11" 
root@R1# set vlans vlan-id 101 l3-interface "vlan101"


Step 2. Create vrf1 and assign vlan11 and vlan101 to vrf1 and enable IP routing on the device.

root@R1# set ip vrf vrf1 
root@R1# set l3-interface vlan-interface vlan11 vrf "vrf1" 
root@R1# set l3-interface vlan-interface vlan101 vrf "vrf1" 
root@R1# set ip routing enable true


Step 3. Create a loopback interface in vrf1 and set system hostname.

root@R1# set l3-interface loopback vrf1 address 1.1.1.10 prefix-length 32 
root@R1# set system hostname R1


Step 4. Configure OSPFv2 by setting router ID and enable OSPF for different network prefixes.

root@R1# set protocols ospf vrf vrf1 router-id 1.1.1.10 
root@R1# set protocols ospf vrf vrf1 network 101.101.101.0/24 area "0" 
root@R1# set protocols ospf vrf vrf1 network 11.11.11.0/24 area "0" 
root@R1# set protocols ospf vrf vrf1 network 1.1.1.10/32 area "0.0.0.0"


R2 Configuration

Step 1. Configure physical interfaces, L3 VLAN interfaces and IP addressing.

root@R2# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching native-vlan-id 20
root@R2# set interface gigabit-ethernet ge-1/1/5 family ethernet-switching port-mode "trunk" 
root@R2# set interface gigabit-ethernet ge-1/1/5 family ethernet-switching vlan members 11 
root@R2# set l3-interface vlan-interface vlan11 address 11.11.11.2 prefix-length 24 
root@R2# set l3-interface vlan-interface vlan20 address 20.20.20.1 prefix-length 24 
root@R2# set vlans vlan-id 11 l3-interface "vlan11" 
root@R2# set vlans vlan-id 20 l3-interface "vlan20"

Step 2. Create vrf1 and assign vlan11 to vrf1 and enable IP routing on the device.

root@R2# set ip routing enable true 
root@R2# set ip vrf vrf1 
root@R2# set l3-interface vlan-interface vlan11 vrf "vrf1"

Step 3. Create loopback interfaces in the default VRF and vrf1 and set the system hostname.

root@R2# set l3-interface loopback lo address 2.2.2.2 prefix-length 32 
root@R2# set l3-interface loopback vrf1 address 2.2.2.10 prefix-length 32  
root@R2# set system hostname R2

Step 4. Configure OSPFv2 by setting router ID and enable OSPF for different network prefixes. Also enable redistribution of BGP routes into OSPFv2.

root@R2# set protocols ospf vrf vrf1 router-id 2.2.2.10 
root@R2# set protocols ospf vrf vrf1 network 11.11.11.0/24 area "0" 
root@R2# set protocols ospf vrf vrf1 network 21.21.21.0/24 area "0" 
root@R2# set protocols ospf vrf vrf1 redistribute bgp

Step 5. Configure BGP by setting router ID, specify BGP neighbor, AS number and enable route leaking by importing routes into VRF1 from the default VRF.

root@R2# set protocols bgp local-as 200 
root@R2# set protocols bgp router-id 2.2.2.2 
root@R2# set protocols bgp neighbor 20.20.20.2 remote-as "300" 
root@R2# set protocols bgp ipv4-unicast network 2.2.2.2/32 
root@R2# set protocols bgp ipv4-unicast import vrf vrf1 
root@R2# set protocols bgp vrf vrf1 local-as 201 
root@R2# set protocols bgp vrf vrf1 router-id 2.2.2.2 
root@R2# set protocols bgp vrf vrf1 ipv4-unicast redistribute ospf 
root@R2# set protocols bgp vrf vrf1 ipv4-unicast import vrf default

Step 6. Configure route map map1 to filter route 33.33.33.33/32  and only leak 3.3.3.3/32 into VRF1.

root@R2# set routing prefix-list ipv4-family pre1 seq 1 permit prefix 3.3.3.3/32
root@R2# set routing route-map map1 order 1 matching-policy "permit"
root@R2# set routing route-map map1 order 1 match ipv4-addr address prefix-list "pre1"
root@R2# set protocols bgp vrf vrf1 ipv4-unicast import vrf-route-map "map1"

R3 Configuration 

Step 1. Configure physical interfaces, L3 VLAN interfaces and IP addressing.

admin@R3# set interface gigabit-ethernet ge-1/1/10 family ethernet-switching native-vlan-id 200 
admin@R3# set interface gigabit-ethernet ge-1/1/10 family ethernet-switching port-mode trunk 
admin@R3#set interface gigabit-ethernet ge-1/1/10 family ethernet-switching vlan members 201 
admin@R3# set interface gigabit-ethernet ge-1/1/23 family ethernet-switching native-vlan-id 20 
admin@R3# set l3-interface vlan-interface vlan20 address 20.20.20.2 prefix-length 24
admin@R3# set l3-interface vlan-interface vlan200 address 200.200.200.1 prefix-length 24
admin@R3# set vlans vlan-id 20 l3-interface vlan20
admin@R3# set vlans vlan-id 200 l3-interface vlan200
admin@R3# set vlans vlan-id 201 l3-interface vlan201

Step 2. Enable IP routing on the device and create vrf1.

admin@R3# set ip routing enable true 
admin@R3# set ip vrf vrf1


Step 3. Create loopback interfaces and set system hostname.

admin@R3# set l3-interface loopback lo address 3.3.3.3 prefix-length 32
admin@R3# set l3-interface loopback lo address 33.33.33.33 prefix-length 32
admin@R3# set system hostname R3

Step 4. Configure BGP AS number, router ID and add network prefixes.

admin@R3# set protocols bgp local-as 300
admin@R3# set protocols bgp router-id 3.3.3.3
admin@R3# set protocols bgp neighbor 20.20.20.1 remote-as "200"
admin@R3# set protocols bgp ipv4-unicast network 33.33.33.33/32
admin@R3# set protocols bgp ipv4-unicast network 3.3.3.3/32

Verify Configuration

R1 Routing Table

The command below shows the routing table of vrf1. As you can notice, route 33.33.33.33/32 is not leaked and redistributed into VRF1 because this prefix was filtered out by route map.

root@R1# run show route vrf vrf1
show ip route vrf vrf1
=======================
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route


VRF vrf1:
K>* 0.0.0.0/0 [255/8192] unreachable (blackhole), 01:08:45
O   1.1.1.10/32 [110/0] is directly connected, vrf1, weight 1, 01:08:44
C>* 1.1.1.10/32 is directly connected, vrf1, 01:08:45
O>* 3.3.3.3/32 [110/20] via 11.11.11.2, vlan11, weight 1, 00:33:58
O   11.11.11.0/24 [110/10] is directly connected, vlan11, weight 1, 01:06:36
C>* 11.11.11.0/24 is directly connected, vlan11, 01:07:17
O   101.101.101.0/24 [110/10] is directly connected, vlan101, weight 1, 01:07:44
C>* 101.101.101.0/24 is directly connected, vlan101, 01:07:44

R2 Routing Table

The following show command displays the routing table of vrf1 on R2. Again, route 33.33.33.33/32 is not present in this routing table since it is filtered using route map.

root@R2# run show route vrf vrf1
show ip route vrf vrf1
=======================
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route


VRF vrf1:
K>* 0.0.0.0/0 [255/8192] unreachable (blackhole), 01:09:36
O>* 1.1.1.10/32 [110/10] via 11.11.11.1, vlan11, weight 1, 01:08:20
C>* 2.2.2.10/32 is directly connected, vrf1, 01:09:36
B>* 3.3.3.3/32 [200/0] via 20.20.20.2, vlan20 (vrf default), weight 1, 00:14:43
O   11.11.11.0/24 [110/10] is directly connected, vlan11, weight 1, 01:09:10
C>* 11.11.11.0/24 is directly connected, vlan11, 01:09:10
O>* 101.101.101.0/24 [110/20] via 11.11.11.1, vlan11, weight 1, 01:08:20

Routing table of the default VRF on R2 is show below.  Prior to route map filtering, route 33.33.33.33/32 can be seen in the default VRF.

root@R2# run show route
show ip route
=============
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route

K * 0.0.0.0/0 [255/8192] unreachable (blackhole), 01:11:08
K>* 0.0.0.0/0 [2/0] via 10.10.51.1, eth0, 01:11:08
B>* 1.1.1.10/32 [200/10] via 11.11.11.1, vlan11 (vrf vrf1), weight 1, 01:09:52
C>* 2.2.2.2/32 is directly connected, lo, 01:11:08
B>* 3.3.3.3/32 [20/0] via 20.20.20.2, vlan20, weight 1, 00:37:23
C>* 10.10.51.0/24 is directly connected, eth0, 01:11:08
C>* 20.20.20.0/24 is directly connected, vlan20, 01:10:26
B>* 33.33.33.33/32 [20/0] via 20.20.20.2, vlan20, weight 1, 01:08:21
B>* 101.101.101.0/24 [200/20] via 11.11.11.1, vlan11 (vrf vrf1), weight 1, 01:09:52

R3 Routing Table

Routing table of default VRF on R3 is show below.

admin@R3# run show route
show ip route
=============
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route

K * 0.0.0.0/0 [255/8192] unreachable (blackhole), 01:12:59
K>* 0.0.0.0/0 [2/0] via 10.10.51.1, eth0, 01:13:06
B>* 1.1.1.10/32 [20/10] via 20.20.20.1, vlan20, weight 1, 01:10:01
B>* 2.2.2.2/32 [20/0] via 20.20.20.1, vlan20, weight 1, 01:10:01
C>* 3.3.3.3/32 is directly connected, lo, 01:12:41
C>* 10.10.51.0/24 is directly connected, eth0, 01:13:06
C>* 20.20.20.0/24 is directly connected, vlan20, 01:12:05
C>* 33.33.33.33/32 is directly connected, lo, 01:12:41
B>* 101.101.101.0/24 [20/20] via 20.20.20.1, vlan20, weight 1, 01:10:01
C>* 200.200.200.0/24 is directly connected, vlan200, 01:12:04

Copyright © 2024 Pica8 Inc. All Rights Reserved.