Community discussions

MikroTik App
 
ericdriver
just joined
Topic Author
Posts: 18
Joined: Thu Aug 20, 2020 8:03 am

BGP VRF route leak

Wed Mar 06, 2024 11:52 am

I have route to 10.150.45.0/24(getting from BGP) in vrf vrfTest1.
I was able to leak this route into vrf vrfTest2.
However "Immediate Gateway" for this route in vrf vrfTest2 is unknown, the host in 10.150.45.0/24 is not reacheble.
When I create static route to 10.150.45.0/24 everythink works.
RouterOS v7.14, 7.15beta no changes
What is wrong?
You do not have the required permissions to view the files attached to this post.
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1389
Joined: Tue Jun 23, 2015 2:35 pm

Re: BGP VRF route leak

Wed Mar 06, 2024 12:15 pm

without adding a static route, can u ping the other end?
 
ericdriver
just joined
Topic Author
Posts: 18
Joined: Thu Aug 20, 2020 8:03 am

Re: BGP VRF route leak

Wed Mar 06, 2024 12:27 pm

without adding a static route, can u ping the other end?
no, as I already mentioned "the host in 10.150.45.0/24 is not reacheble." Static route works, BGP route doesn't work
 
ericdriver
just joined
Topic Author
Posts: 18
Joined: Thu Aug 20, 2020 8:03 am

Re: BGP VRF route leak

Wed Mar 06, 2024 1:54 pm

Just trying to change BGP to OSPF, everything works fine, it seems it is BUG
You do not have the required permissions to view the files attached to this post.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7185
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: BGP VRF route leak

Wed Mar 06, 2024 3:41 pm

I would say that it is misconfiguration. VPNv4 requires at least LDP, otherwiseVPNv4 MPLS label cannot be resolved.
 
ericdriver
just joined
Topic Author
Posts: 18
Joined: Thu Aug 20, 2020 8:03 am

Re: BGP VRF route leak

Thu Mar 07, 2024 6:49 am

I would say that it is misconfiguration. VPNv4 requires at least LDP, otherwiseVPNv4 MPLS label cannot be resolved.
I just need dynamic VRF-lite route leaking on the local router https://help.mikrotik.com/docs/pages/vi ... uteleaking
Is it working with BGP routes?
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1389
Joined: Tue Jun 23, 2015 2:35 pm

Re: BGP VRF route leak

Thu Mar 07, 2024 7:26 am

VPNv4 works perfectly fine on v7
 
abdurrazaqa
just joined
Posts: 18
Joined: Wed Jan 11, 2017 10:40 am
Contact:

Re: BGP VRF route leak

Thu Jul 04, 2024 3:49 pm

i have the same scenario, bgp route leak for vrf lite, unable to reach, any luck @ericdriver
 
abdurrazaqa
just joined
Posts: 18
Joined: Wed Jan 11, 2017 10:40 am
Contact:

Re: BGP VRF route leak

Thu Jul 04, 2024 3:57 pm

CHECK ATTACHMENT
You do not have the required permissions to view the files attached to this post.
 
abdurrazaqa
just joined
Posts: 18
Joined: Wed Jan 11, 2017 10:40 am
Contact:

Re: BGP VRF route leak

Thu Jul 04, 2024 6:11 pm

SCENARIO IS SIMPLE

I HAVE SEVERAL VRF-LITE, SAY A VRF-A, I HAVE SEVERAL ROUTES LEARNED FROM iBGP
This iBGP routes successfully exported to another VRF-B, using /routing/bgp/vpn.

Routing table show all reachable, but while pinging the destination with specific source IP, is says invalid arguement(status:22)

0 22 (Invalid argument)
1 22 (Invalid argument)
2 22 (Invalid argument)
3 22 (Invalid argument)
 
User avatar
Railander
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Thu Jun 16, 2016 11:30 pm

Re: BGP VRF route leak

Tue Jul 09, 2024 10:58 am

7.15.2
simplest way i could route leak (to effectively append BGP AS) was with inter-VRF BGP peering. or at least for ipv4.
ip ad add address=172.16.0.0 interface=lo
ip vrf add name=AS65001 interface=bridge-AS65001
ip ad add address=172.16.0.1 interface=AS65001
ip route add dst=172.16.0.1 gateway=AS65001@AS65001
ip route add dst=172.16.0.0 gateway=lo routing-mark=AS65001
both 172.16.0.0 and .1 can ping each other and BGP peering is successful.
however, exact same setup doesn't work for ipv6, ping returns "hop limit exceeded" but only when trying to ping from VRF AS65001 to main VRF, the other way around does ping.
is this a known bug or do i need to do something extra?
i'm assuming it's a bug since it only pings one-way if i don't specify the source. if i do it doesn't ping.
ipv6 ad add address=fd00:: interface=lo
ip vrf add name=AS65001 interface=bridge-AS65001
ipv6 ad add address=fd00::1 interface=AS65001
ipv6 route add dst=fd00::1 gateway=AS65001@AS65001
ipv6 route add dst=fd00:: gateway=lo routing-mark=AS65001

> ping 172.16.0.1 src-address=172.16.0.0
SEQ HOST SIZE TTL TIME STATUS
0 172.16.0.1 56 64 38us

> ping 172.16.0.0 src-address=172.16.0.1 vrf=AS65001
SEQ HOST SIZE TTL TIME STATUS
0 172.16.0.0 56 64 45us

> ping fd00::1 src-address=fd00::
SEQ HOST SIZE TTL TIME STATUS
0 fd00:: 104 64 124us hop limit e...

> ping fd00:: src-address=fd00::1 vrf=AS65001
SEQ HOST SIZE TTL TIME STATUS
0 fd00:: 104 64 52us hop limit e...

the weird ones indicating a bug, since ipv4 works the same just fine even without specifying src address.

> ping fd00::1
SEQ HOST SIZE TTL TIME STATUS
0 fd00::1 56 64 33us echo reply

> ping fd00:: vrf=AS65001
SEQ HOST SIZE TTL TIME STATUS
0 fd00:: timeout

Who is online

Users browsing this forum: No registered users and 2 guests