interface GigabitEthernet 1/10
ip vrf forwarding VRF2
ip address 140.0.0.1/24
ip route vrf VRF1 20.0.0.0/16 140.0.0.2 vrf VRF2
ip route vrf VRF2 40.0.0.0/16 120.0.0.2 vrf VRF1
Dynamic Route Leaking
Route Leaking is a powerful feature that enables communication between isolated (virtual) routing domains by segregating and sharing a
set of services such as VOIP, Video, and so on that are available on one routing domain with other virtual domains. Inter-VRF Route Leaking
enables a VRF to leak or export routes that are present in its RTM to one or more VRFs.
Dynamic Route Leaking enables a source VRF to share both its connected routes as well as dynamically learnt routes from various
protocols, such as ISIS, OSPF, BGP, and so on, with other default or non-default VRFs.
You can also leak global routes to be made available to VRFs. As the global RTM usually contains a large pool of routes, when the
destination VRF imports global routes, these routes will be duplicated into the VRF's RTM. As a result, it is mandatory to use route-maps to
filter out leaked routes while sharing global routes with VRFs.
Configuring Route Leaking without Filtering Criteria
You can use the ip route-export tag command to export all the IPv4 routes corresponding to a source VRF. For leaking IPv6 routes,
use the ipv6 route-export tag command. This action exposes source VRF's routes (IPv4 or IPv6 depending on the command that
you use) to various other VRFs. The destinations or target VRFs then import these IPv4 or IPv6 routes using the ip route-import
tag or the ipv6 route-import tag command respectively.
NOTE:
In Dell Networking OS, you can configure at most one route-export per VRF as only one set of routes can be exposed for
leaking. However, you can configure multiple route-import targets because a VRF can accept routes from multiple VRFs.
After the target VRF learns routes that are leaked by the source VRF, the source VRF in turn can leak the export target corresponding to
the destination VRFs that have imported its routes. The source VRF learns the export target corresponding to the destinations VRF using
the ip route-import tag or ipv6 route-import tag command. This mechanism enables reverse communication between
destination VRF and the source VRF.
If the target VRF contains the same prefix (either sourced or Leaked route from some other VRF), then the Leak for that particular prefix
will fail and an error-log will be thrown. Manual intervention is required to clear the unneeded prefixes. The source route will take priority
over the leaked route and the leaked route is deleted.
Consider a scenario where you have created four VRF tables VRF-red, VRF-blue, VRF-Green, and VRF-shared. The VRF-shared table
belongs to a particular service that should be made available only to VRF-Red and VRF-Blue but not VRF-Green. For this purpose, routes
corresponding VRF-Shared routes are leaked to only VRF-Red and VRF-Blue. And for reply, routes corresponding to VRF-Red and VRF-
Blue are leaked to VRF-Shared.
For leaking the routes from VRF-Shared to VRF-Red and VRF-Blue, you can configure route-export tag on VRF-shared (source VRF, who
is exporting the routes); the same route-export tag value should be configured on VRF-Red and VRF-blue as route-import tag (target VRF,
that is importing the routes). For a reply communication, VRF-red and VRF-blue are configured with two different route-export tags, one
for each, and those two values are configured as route-import tags on VRF-shared.
To configure route leaking, perform the following steps:
1
Configure VRF-shared using the following command:
ip vrf vrf-shared
interface interface-type slot/port
ip vrf forwarding vrf-shared
968
Virtual Routing and Forwarding (VRF)