- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- LAN Routing
- >
- Re: How to filter route between VPN-Instance/BGP o...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2018 08:13 AM
02-16-2018 08:13 AM
How to filter route between VPN-Instance/BGP on the same switch?
Hello,
I work on a HP 5820 in Comware 5.
I created 2 Vpn-Instances. Each of them are associated with 2 Vlans (or in fact their Vlan-Interfaces).
In order to route between the Vpn-Instances, I simply configured BGP by creating 1 AS and bound the Vlan-interfaces to a Vpn-Instance.
To be clear:
#
ip vpn-instance VRF10
route-distinguisher 10:1
vpn-target 20:1 import-extcommunity
vpn-target 10:1 export-extcommunity
#
ip vpn-instance VRF20
route-distinguisher 20:1
vpn-target 10:1 import-extcommunity
vpn-target 20:1 export-extcommunity
#
interface Vlan-interface1
ip binding vpn-instance VRF10
ip address 1.1.1.1 255.0.0.0
#
interface Vlan-interface2
ip binding vpn-instance VRF10
ip address 2.2.2.2 255.0.0.0
#
interface Vlan-interface3
ip binding vpn-instance VRF20
ip address 3.3.3.3 255.0.0.0
#
interface Vlan-interface4
ip binding vpn-instance VRF20
ip address 4.4.4.4 255.0.0.0
#
bgp 100
#
ipv4-family vpn-instance VRF10
#
import-route direct
#
ipv4-family vpn-instance VRF20
#
import-route direct
#
It works fine, each Vpn-Instance learned the networks of the other one in its routing table.
But now, I don't want all the Vlan to be known. For example, Vlan 4 does not need to be "exported" to VRF10 routing table.
How can I do that? I read in documentation that "route-policy" is the solution, but I failed to succeed.
Does anyone ever do the same ?
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2018 06:37 AM
12-03-2018 06:37 AM
Re: How to filter route between VPN-Instance/BGP on the same switch?
Haven't tested yet, but I assume following article is helpful;
How to route leake between vpn instances configuration example / https://community.hpe.com/t5/Comware-Based/How-to-route-leake-between-vpn-instances-configuration-example/td-p/6968623#.XAU8RtvwaHs
i.e.
Prefix-list for the networks you want to leake.
ip prefix-list v001 index 30 deny 10.50.25.248 30 BGP Peer
ip prefix-list v001 index 40 permit 10.50.24.0 24 Leake network
Route-Policy
route-policy v001-export permit node 10
if-match ip address prefix-list v001
apply extcommunity rt 1:1
VPN-Instance configuration.
ip vpn-instance v001
route-distinguisher 64514:1
import route-policy v136-export
vpn-target 64514:1 1:136 import-extcommunity
vpn-target 1:1 export-extcommunity