LAN Routing
1748109 Members
4381 Online
108758 Solutions
New Discussion юеВ

Re: routing leaking between vlan and vpn-instance

 
MarioT
Occasional Visitor

routing leaking between vlan and vpn-instance

Hello,

 

I have vpn-instance

ip vpn-instance BLA
route-distinguisher 64555:100

 

I have few VLAN's as part of vpn-instance, e.g

vlan 111

interface Vlan-interface111
ip binding vpn-instance BLA
ip address 10.96.224.65 255.255.255.192

 

I have vlan not part of vpn-instance.

vlan 1555

interface Vlan-interface1555
ip address 192.168.202.1 255.255.255.192

interface GigabitEthernet1/0/2
port link-mode bridge
description reference_rack_Enc1_local connection
port access vlan 1555

I want to route traffic bewteen vlan 1555 and vpn-instance BLA.

I made static routing;

ip route-static 10.96.224.64 29 vpn-instance BLA 10.96.224.65
ip route-static vpn-instance BLA 192.168.202.0 29 192.168.202.1 public

 

I can connect to SW from a laptop when it's connected to port 1/0/2

but I can not reach any address within vpn-instance.

Am I missing something?

BR
Mario

 

2 REPLIES 2
becos
Senior Member

Re: routing leaking between vlan and vpn-instance

Hello,

As fas as I remember, I tried searching for documentation with no luck, you can leak routes between vpn-instances and global routing table as long as the next-hops are not local addresses, i.e. they must point to another IP on the same subnet probably to another device.

Now, if you MUST have this leaking localy, you could try tricking the device by using a loopback cable from one port to another on the same chassis. 1 port should be on the vpn whereas the other end should be on the Vlan. You can use statics or ospf for announcing the routes both ways. Caution here since all traffic will pass by this cable.

Haven't tried this on HP but it worths a try.

Thanks and good luck.

 

 

 

MarioT
Occasional Visitor

Re: routing leaking between vlan and vpn-instance

Thanks for the answer.
Unfortunatily I need this leaking localy. For the moment I can not try your solution but if I get a change I will try it.

Br
Mario