Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

This document explains PICOS static route leaking. As shown in Figure 1, three devices, R1, R2 and R3 participate in this static route leaking example. The goal is to allow hosts connected to R2 in the default VRF, access to hosts connected to R3 in vrf2. To achieve this, static leaks will be configured on R1, which has two interfaces in two different VRFs, vrf2 and the default VRF. The interface connecting R2 belongs to the default VRF and the interface connecting R3 belongs to vrf2.

                                                       Figure1. Static Routing Leaking Topology


Static route leaks will be configured on R1. Additionally, a static route will be configured on R2 to reach 1.1.1.1 with a next-hop router address of R1 L3 VLAN interface. Similarly another static route will be configured on R3 to reach 4.4.4.4 with the next-hop router address of the R1 L3 VLAN interface. The sections below explains the device configuration of the three devices.


R1 Configuration

Step 1. Configure interface te-1/1/15 and te-1/1/47. Assign VLAN ID and configure the L3 VLAN interface IP address.

admin@R1# set interface gigabit-ethernet te-1/1/15 family ethernet-switching native-vlan-id 3000
admin@R1# set interface gigabit-ethernet te-1/1/47 family ethernet-switching native-vlan-id 3001
admin@R1# set l3-interface vlan-interface vlan3000 address 30.57.166.166 prefix-length 24
admin@R1# set l3-interface vlan-interface vlan3001 address 31.147.166.166 prefix-length 24
admin@R1# set vlans vlan-id 3001 l3-interface "vlan3001"
admin@R1# set vlans vlan-id 3000 l3-interface "vlan3000"
admin@R1# set l3-interface loopback lo address 2.2.2.2 prefix-length 32
admin@R1# set l3-interface loopback vrf2 address 166.166.166.2

Step 2. Create VRF vrf2 and assign vlan3001 to vrf2. Also enable IP routing on the device.

admin@R1# set ip vrf vrf2
admin@R1# set l3-interface vlan-interface vlan3001 vrf "vrf2"
admin@R1# set ip routing enable true

Step 3. Create static leak routes on R1. Route 1.1.1.1/32 in created in the default VRF whereas route 4.4.4.4/32 is created in vrf2.

admin@R1# set protocols static route 1.1.1.1/32 nexthop-vrf vrf2 next-hop 31.147.166.47
admin@R1# set protocols static vrf vrf2 route 4.4.4.4/32 nexthop-vrf default next-hop 30.57.166.57

R2 Configuration

Step1. Configure interface ge-1/1/15, VLAN ID and L3 VLAN interface and IP address.

admin@R2# set interface gigabit-ethernet ge-1/1/15 family ethernet-switching native-vlan-id 3000
admin@R2# set l3-interface vlan-interface vlan3000 address 30.57.166.57 prefix-length 24
admin@R2# set vlans vlan-id 3000 l3-interface "vlan3000"

Step 2. Configure a static route to destination 1.1.1.1 and enable IP routing on the device. Also create the loopback interface and assign IP address.

admin@R2# set l3-interface loopback lo address 4.4.4.4 prefix-length 32
admin@R2# set protocols static route 1.1.1.1/32 next-hop 30.57.166.166
admin@R2# set ip routing enable true

R3 Configuration

Step1. Configure interface ge-1/1/2, L3 VLAN interface and IP address.

admin@R3# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 3001
admin@R3# set l3-interface vlan-interface vlan3001 address 31.147.166.47 prefix-length 24
admin@R3# set vlans vlan-id 3001 l3-interface "vlan3001"
admin@R3# set l3-interface vlan-interface vlan3001 vrf vrf2

Step 2. Create vrf2, create loopback and configure a static route to destination 4.4.4.4/32 and also enable IP routing on the device.

admin@R3# set ip vrf vrf2
admin@R3# set l3-interface loopback vrf2 address 1.1.1.1 prefix-length 32
admin@R3# set protocols static vrf vrf2 route 4.4.4.4/32 next-hop 31.147.166.166
admin@R3# set ip routing enable true

Verify configuration

Ping 1.1.1.1 from R2 to test connectivity.

admin@R2# run ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=63 time=2.15 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=63 time=1.61 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=63 time=2.43 ms
64 bytes from 1.1.1.1: icmp_seq=4 ttl=63 time=2.22 ms
64 bytes from 1.1.1.1: icmp_seq=5 ttl=63 time=1.97 ms


Verify Routing Table on R1

admin@R1# run show route vrf vrf2
show ip route vrf vrf1 static
=============================
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route


VRF vrf2:
S>* 4.4.4.4/32 [1/0] via 30.57.166.57, vlan3000 (vrf default), weight 1, 06:44:46
C>* 31.147.166.0/24 is directly connected, vlan3001, 00:31:25



show ipv6 route vrf vrf2 static
===============================

admin@R1# run show route ipv4
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route

S>* 1.1.1.1/32 [1/0] via 31.147.166.47, vlan3001 (vrf vrf2), weight 1, 06:45:11
C>* 30.57.166.0/24 is directly connected, vlan3000, 00:51:25

Verify Routing Table on R2

admin@R2# run show route ipv4
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route

S>* 1.1.1.1/32 [1/0] via 30.57.166.166, vlan3001, weight 1, 06:45:11
C>* 30.57.166.0/24 is directly connected, vlan3000, 00:51:25

Verify Routing Table on R3

admin@R3# run show route vrf vrf2
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route

S>* 4.4.4.4/32 [1/0] via 31.147.166.166, vlan3001, weight 1, 06:45:11
C>* 31.147.166.0/24 is directly connected, vlan3001, 00:51:25
  • No labels