top of page
Search
Writer's pictureMukesh Chanderia
Dec 29, 20232 min read

Advertise subnet from BD to Ex EPG and Route Tagging


Step 1:

Let’s create AP1, BD1 & EPG1 along with the following subnets.

222.222.221.1/24 —> Advertise Externally

222.222.222.1/24 —> Advertise Externally

222.222.223.1/24 ----> Do not Advertise



Step 2: Attach L3Out ISP1 & ISP2 with bridge domain




Step 3: Attach contract in EPG1 (Provider) ISP2 & ISP2 (Consumer)






The BD subnets are being learnt by External EPGs.


n9k# show ip route vrf ISP1

1.1.1.1/32, ubest/mbest: 1/0

    *via 10.0.0.1, Eth1/5, [110/5], 01:10:17, ospf-1, intra

10.0.0.0/24, ubest/mbest: 1/0, attached

    *via 10.0.0.2, Eth1/5, [0/0], 01:10:17, direct

10.0.0.2/32, ubest/mbest: 1/0, attached

    *via 10.0.0.2, Eth1/5, [0/0], 01:10:17, local

101.101.101.1/32, ubest/mbest: 2/0, attached

    *via 101.101.101.1, Lo101, [0/0], 01:10:17, local

    *via 101.101.101.1, Lo101, [0/0], 01:10:17, direct

102.102.102.1/32, ubest/mbest: 2/0, attached

    *via 102.102.102.1, Lo102, [0/0], 01:10:17, local

    *via 102.102.102.1, Lo102, [0/0], 01:10:17, direct

201.201.201.1/32, ubest/mbest: 1/0

    *via 10.0.0.1, Eth1/5, [110/1], 00:23:07, ospf-1, type-2, tag 4294967295

222.222.221.0/24, ubest/mbest: 1/0

    *via 10.0.0.1, Eth1/5, [110/20], 00:06:11, ospf-1, type-2

222.222.222.0/24, ubest/mbest: 1/0

    *via 10.0.0.1, Eth1/5, [110/20], 00:06:11, ospf-1, type-2


n9k# show ip route vrf ISP2

99.99.99.99/32, ubest/mbest: 1/0

    *via 172.16.0.1, Eth1/24, [110/5], 01:10:21, ospf-1, intra

101.101.101.1/32, ubest/mbest: 1/0

    *via 172.16.0.1, Eth1/24, [110/1], 01:10:21, ospf-1, type-2, tag 4294967295

172.16.0.0/24, ubest/mbest: 1/0, attached

    *via 172.16.0.2, Eth1/24, [0/0], 01:10:21, direct

172.16.0.2/32, ubest/mbest: 1/0, attached

    *via 172.16.0.2, Eth1/24, [0/0], 01:10:21, local

201.201.201.1/32, ubest/mbest: 2/0, attached

    *via 201.201.201.1, Lo201, [0/0], 01:10:21, local

    *via 201.201.201.1, Lo201, [0/0], 01:10:21, direct

202.202.202.1/32, ubest/mbest: 2/0, attached

    *via 202.202.202.1, Lo202, [0/0], 01:10:21, local

    *via 202.202.202.1, Lo202, [0/0], 01:10:21, direct

222.222.221.0/24, ubest/mbest: 1/0

    *via 172.16.0.1, Eth1/24, [110/20], 00:06:20, ospf-1, type-2

222.222.222.0/24, ubest/mbest: 1/0

    *via 172.16.0.1, Eth1/24, [110/20], 00:06:20, ospf-1, type-2


Let’s say we would like to deny advertisement of subnet 222.222.221.0/24 subnet and also Implement Route Tagging (more useful in BGP)








We can see that subnet 222.222.221.0/24 is not being advertised to ISP1


n9k# show ip route vrf ISP1

IP Route Table for VRF "ISP1"

'*' denotes best ucast next-hop

'**' denotes best mcast next-hop

'[x/y]' denotes [preference/metric]

'%<string>' in via output denotes VRF <string>


1.1.1.1/32, ubest/mbest: 1/0

    *via 10.0.0.1, Eth1/5, [110/5], 01:21:50, ospf-1, intra

10.0.0.0/24, ubest/mbest: 1/0, attached

    *via 10.0.0.2, Eth1/5, [0/0], 01:21:50, direct

10.0.0.2/32, ubest/mbest: 1/0, attached

    *via 10.0.0.2, Eth1/5, [0/0], 01:21:50, local

101.101.101.1/32, ubest/mbest: 2/0, attached

    *via 101.101.101.1, Lo101, [0/0], 01:21:50, local

    *via 101.101.101.1, Lo101, [0/0], 01:21:50, direct

102.102.102.1/32, ubest/mbest: 2/0, attached

    *via 102.102.102.1, Lo102, [0/0], 01:21:50, local

    *via 102.102.102.1, Lo102, [0/0], 01:21:50, direct

201.201.201.1/32, ubest/mbest: 1/0

    *via 10.0.0.1, Eth1/5, [110/1], 00:34:40, ospf-1, type-2, tag 4294967295

222.222.222.0/24, ubest/mbest: 1/0

    *via 10.0.0.1, Eth1/5, [110/20], 00:17:44, ospf-1, type-2


Here we couldn’t see the use case of TAG as the routes were blocked.


Now let’s create route map to Permit-221 (it will permit both 221 & 222 )

We can see TAG - 666666


n9k# show ip route vrf ISP2

IP Route Table for VRF "ISP2"

'*' denotes best ucast next-hop

'**' denotes best mcast next-hop

'[x/y]' denotes [preference/metric]

'%<string>' in via output denotes VRF <string>


99.99.99.99/32, ubest/mbest: 1/0

    *via 172.16.0.1, Eth1/24, [110/5], 01:28:40, ospf-1, intra

101.101.101.1/32, ubest/mbest: 1/0

    *via 172.16.0.1, Eth1/24, [110/1], 01:28:40, ospf-1, type-2, tag 4294967295

172.16.0.0/24, ubest/mbest: 1/0, attached

    *via 172.16.0.2, Eth1/24, [0/0], 01:28:40, direct

172.16.0.2/32, ubest/mbest: 1/0, attached

    *via 172.16.0.2, Eth1/24, [0/0], 01:28:40, local

201.201.201.1/32, ubest/mbest: 2/0, attached

    *via 201.201.201.1, Lo201, [0/0], 01:28:40, local

    *via 201.201.201.1, Lo201, [0/0], 01:28:40, direct

202.202.202.1/32, ubest/mbest: 2/0, attached

    *via 202.202.202.1, Lo202, [0/0], 01:28:40, local

    *via 202.202.202.1, Lo202, [0/0], 01:28:40, direct

222.222.221.0/24, ubest/mbest: 1/0

    *via 172.16.0.1, Eth1/24, [110/20], 00:00:10, ospf-1, type-2, tag 666666

222.222.222.0/24, ubest/mbest: 1/0

    *via 172.16.0.1, Eth1/24, [110/20], 00:24:39, ospf-1, type-2




25 views0 comments

Comments

bottom of page