Answer the question
In order to leave comments, you need to log in
K
K
karibskii_koks2018-06-22 13:45:12
karibskii_koks, 2018-06-22 13:45:12
How to send traffic from VRF through TE tunnel?
Hello, I'm trying to learn how L3VPN and Traffic-engineering work. 
Routers R1 and R4 are PE routers. All routers have mpls traffic-eng tunnels enabled, interfaces have RSVP enabled. L3VPN using LDP works successfully. Also L3VPN works successfully with TE tunnel with Autoroute Announce enabled.
However, I'm trying to make it so that with the help of PBR the traffic would go to the "correct tunnel"
spoiler
hostname R1
!
ip vrf NETRIS
rd 65000:1
route-target export 65000:1
route-target import 65000:1
!
mpls traffic-eng tunnels
multilink bundle-name authenticated
interface Loopback1
ip address 1.1.1.1 255.255.255.255
!
interface Tunnel555
ip unnumbered Loopback1
tunnel mode mpls traffic-eng
tunnel destination 4.4.4.4
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 90000
tunnel mpls traffic-eng path-option 10 explicit name NETRIS
!
interface GigabitEthernet0/0
ip vrf forwarding NETRIS
ip address 192.168.15.1 255.255.255.0
ip policy route-map NETRIS_RM
media-type gbic
speed 1000
duplex full
negotiation auto
!
interface GigabitEthernet1/0
ip address 10.0.12.1 255.255.255.0
negotiation auto
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 100000
!
interface GigabitEthernet2/0
ip address 10.0.13.1 255.255.255.0
negotiation auto
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 100000
!
!
router ospf 1
network 1.1.1.1 0.0.0.0 area 0
network 10.0.12.0 0.0.0.255 area 0
network 10.0.13.0 0.0.0.255 area 0
mpls traffic-eng router-id Loopback1
mpls traffic-eng area 0
!
router bgp 65000
bgp log-neighbor-changes
neighbor 4.4.4.4 remote-as 65000
neighbor 4.4.4.4 update-source Loopback1
neighbor 4.4.4.4 next-hop-self
!
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
exit-address-family
!
address-family ipv4 vrf NETRIS
redistribute connected
redistribute static
exit-address-family
!
ip route vrf NETRIS 5.5.5.5 255.255.255.255 192.168.15.5
!
ip explicit-path name NETRIS enable
next-address 2.2.2.2
!
ip access-list extended NETRIS_ACL
permit ip host 5.5.5.5 host 6.6.6.6
!
!
route-map NETRIS_RM permit 10
match ip address NETRIS_ACL
set interface Tunnel555
end
hostname R1
!
ip vrf NETRIS
rd 65000:1
route-target export 65000:1
route-target import 65000:1
!
mpls traffic-eng tunnels
multilink bundle-name authenticated
interface Loopback1
ip address 1.1.1.1 255.255.255.255
!
interface Tunnel555
ip unnumbered Loopback1
tunnel mode mpls traffic-eng
tunnel destination 4.4.4.4
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 90000
tunnel mpls traffic-eng path-option 10 explicit name NETRIS
!
interface GigabitEthernet0/0
ip vrf forwarding NETRIS
ip address 192.168.15.1 255.255.255.0
ip policy route-map NETRIS_RM
media-type gbic
speed 1000
duplex full
negotiation auto
!
interface GigabitEthernet1/0
ip address 10.0.12.1 255.255.255.0
negotiation auto
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 100000
!
interface GigabitEthernet2/0
ip address 10.0.13.1 255.255.255.0
negotiation auto
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 100000
!
!
router ospf 1
network 1.1.1.1 0.0.0.0 area 0
network 10.0.12.0 0.0.0.255 area 0
network 10.0.13.0 0.0.0.255 area 0
mpls traffic-eng router-id Loopback1
mpls traffic-eng area 0
!
router bgp 65000
bgp log-neighbor-changes
neighbor 4.4.4.4 remote-as 65000
neighbor 4.4.4.4 update-source Loopback1
neighbor 4.4.4.4 next-hop-self
!
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
exit-address-family
!
address-family ipv4 vrf NETRIS
redistribute connected
redistribute static
exit-address-family
!
ip route vrf NETRIS 5.5.5.5 255.255.255.255 192.168.15.5
!
ip explicit-path name NETRIS enable
next-address 2.2.2.2
!
ip access-list extended NETRIS_ACL
permit ip host 5.5.5.5 host 6.6.6.6
!
!
route-map NETRIS_RM permit 10
match ip address NETRIS_ACL
set interface Tunnel555
end
spoiler
hostname R4
!
ip vrf NETRIS
rd 65000:1
route-target export 65000:1
route-target import 65000:1
!
interface Loopback1
ip address 4.4.4.4 255.255.255.255
!
interface Tunnel555
ip unnumbered Loopback1
tunnel mode mpls traffic-eng
tunnel destination 1.1.1.1
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 90000
tunnel mpls traffic-eng path-option 10 explicit name NETRIS
!
interface GigabitEthernet0/0
ip vrf forwarding NETRIS
ip address 192.168.46.4 255.255.255.0
ip policy route-map NETRIS_RM
media-type gbic
speed 1000
duplex full
negotiation auto
!
interface GigabitEthernet1/0
ip address 10.0.34.4 255.255.255.0
negotiation auto
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 100000
!
interface GigabitEthernet2/0
ip address 10.0.24.4 255.255.255.0
negotiation auto
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 100000
!
router ospf 1
network 4.4.4.4 0.0.0.0 area 0
network 10.0.24.0 0.0.0.255 area 0
network 10.0.34.0 0.0.0.255 area 0
mpls traffic-eng router-id Loopback1
mpls traffic-eng area 0
!
router bgp 65000
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 65000
neighbor 1.1.1.1 update-source Loopback1
neighbor 1.1.1.1 next-hop-self
!
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 1.1.1.1 next-hop-self
exit-address-family
!
address-family ipv4 vrf NETRIS
redistribute connected
redistribute static
exit-address-family
!
!
no ip http server
no ip http secure-server
ip route vrf NETRIS 6.6.6.6 255.255.255.255 192.168.46.6
!
ip explicit-path name NETRIS enable
next-address 2.2.2.2
!
ip access-list extended NETRIS_ACL
permit ip host 6.6.6.6 host 5.5.5.5
!
!
route-map NETRIS_RM permit 10
match ip address NETRIS_ACL
set interface Tunnel555
!
end
hostname R4
!
ip vrf NETRIS
rd 65000:1
route-target export 65000:1
route-target import 65000:1
!
interface Loopback1
ip address 4.4.4.4 255.255.255.255
!
interface Tunnel555
ip unnumbered Loopback1
tunnel mode mpls traffic-eng
tunnel destination 1.1.1.1
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 90000
tunnel mpls traffic-eng path-option 10 explicit name NETRIS
!
interface GigabitEthernet0/0
ip vrf forwarding NETRIS
ip address 192.168.46.4 255.255.255.0
ip policy route-map NETRIS_RM
media-type gbic
speed 1000
duplex full
negotiation auto
!
interface GigabitEthernet1/0
ip address 10.0.34.4 255.255.255.0
negotiation auto
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 100000
!
interface GigabitEthernet2/0
ip address 10.0.24.4 255.255.255.0
negotiation auto
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 100000
!
router ospf 1
network 4.4.4.4 0.0.0.0 area 0
network 10.0.24.0 0.0.0.255 area 0
network 10.0.34.0 0.0.0.255 area 0
mpls traffic-eng router-id Loopback1
mpls traffic-eng area 0
!
router bgp 65000
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 65000
neighbor 1.1.1.1 update-source Loopback1
neighbor 1.1.1.1 next-hop-self
!
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 1.1.1.1 next-hop-self
exit-address-family
!
address-family ipv4 vrf NETRIS
redistribute connected
redistribute static
exit-address-family
!
!
no ip http server
no ip http secure-server
ip route vrf NETRIS 6.6.6.6 255.255.255.255 192.168.46.6
!
ip explicit-path name NETRIS enable
next-address 2.2.2.2
!
ip access-list extended NETRIS_ACL
permit ip host 6.6.6.6 host 5.5.5.5
!
!
route-map NETRIS_RM permit 10
match ip address NETRIS_ACL
set interface Tunnel555
!
end
Similar questions
V
@
@ntkernel2021-07-17 01:47:18
Is it possible for a client Cisco ASA with VPN to be behind NAT?
0Reply
A
D
W
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question