Guest

Preview Tool

Cisco Bug: CSCvv59012 - XR BGP VRF-to-VRF leaked route remains in destination VRF after removing leaking RT

Last Modified

Sep 03, 2020

Products (1)

  • Cisco ASR 9000 Series Aggregation Services Routers

Known Affected Releases

5.3.4.BASE 6.3.3.BASE

Description (partial)

Symptom:
VRF-to-VRF leaked route remains in destination VRF even after removing leaking RT from destination VRF config.
This applies only for the scenario, when destination VRF has additional and equal import/export RT.

[1] Prefix received inside source VRF from external peer
 
RP/0/RSP0/CPU0:skaikru#show bgp instance az vrf import-A
Mon Aug 17 16:05:19.601 CEST
BGP VRF import-A, state: Active
BGP Route Distinguisher: 10.0.0.10:0
VRF ID: 0x6000001a
BGP router identifier 10.0.0.10, local AS number 65000
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000029   RD version: 46
BGP main routing table version 47
BGP NSR Initial initsync version 35 (Reached)
BGP NSR/ISSU Sync-Group versions 47/0
 
Status codes: s suppressed, d damped, h history, * valid, > best
              i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network            Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 10.0.0.10:0 (default for vrf import-A)
*>i0.0.0.0/0          10.10.12.1                    100     10 i

[2] There is route-map controlled route-leaking between source and destination VRFs
 
RP/0/RSP0/CPU0:skaikru#show run vrf import-A
Mon Aug 17 16:06:01.027 CEST
vrf import-A
address-family ipv4 unicast
  import route-target
   35819:100
  !
  export route-policy export-B
  export route-target
   35819:100
  !
!
!

RP/0/RSP0/CPU0:skaikru#show rpl route-policy export-B
Mon Aug 17 16:06:07.907 CEST
route-policy export-B
  if destination in (0.0.0.0/0) then
    set weight 10
    set extcommunity rt (35819:700) additive
  endif
end-policy

[3] Prefix is exported from source VRF and imported into destination VRF
 
RP/0/RSP0/CPU0:skaikru#show run vrf import-B
Mon Aug 17 14:17:46.433 CEST
vrf import-B
address-family ipv4 unicast
  import from vrf advertise-as-vpn
  import route-target
   35819:200
   35819:700
  !
  export route-target
   35819:200
  !
!
 
RP/0/RSP0/CPU0:skaikru#show bgp instance az vrf import-B 0.0.0.0/0
Mon Aug 17 14:19:16.994 CEST
BGP routing table entry for 0.0.0.0/0, Route Distinguisher: 10.0.0.10:1
Versions:
  Process           bRIB/RIB  SendTblVer
  Speaker                 47          47
    Local Label: 24142
Last Modified: Aug 17 14:18:46.167 for 00:00:30
Paths: (1 available, best #1)
  Not advertised to any peer
  Path #1: Received by speaker 1
  Not advertised to any peer
  Local
    10.10.12.1 from 10.10.12.1 (10.0.0.12)
      Origin IGP, localpref 100, weight 10, valid, internal, best, group-best, import-candidate, imported
      Received Path ID 0, Local Path ID 1, version 47
      Extended community: RT:35819:100 RT:35819:200 RT:35819:700
      Source AFI: VPNv4 Unicast, Source VRF: import-A, Source Route Distinguisher: 10.0.0.10:0

[4]Removing ?leaking? route-target from target VRF does not clears route
 
RP/0/RSP0/CPU0:skaikru(config)#vrf import-B
RP/0/RSP0/CPU0:skaikru(config-vrf)#address-family ipv4 unicast
RP/0/RSP0/CPU0:skaikru(config-vrf-af)#import route-target
RP/0/RSP0/CPU0:skaikru(config-vrf-import-rt)#no 35819:700
RP/0/RSP0/CPU0:skaikru(config-vrf-import-rt)#commit
Mon Aug 17 14:24:29.539 CEST
RP/0/RSP0/CPU0:skaikru(config-vrf-import-rt)#
 
RP/0/RSP0/CPU0:skaikru#show bgp instance az vrf import-B 0.0.0.0/0
Mon Aug 17 14:24:35.795 CEST
BGP routing table entry for 0.0.0.0/0, Route Distinguisher: 10.0.0.10:1
Versions:
  Process           bRIB/RIB  SendTblVer
  Speaker                 47          47
    Local Label: 24142
Last Modified: Aug 17 14:18:46.172 for 00:05:49
Paths: (1 available, best #1)
  Not advertised to any peer
  Path #1: Received by speaker 1
  Not advertised to any peer
  Local
    10.10.12.1 from 10.10.12.1 (10.0.0.12)
      Origin IGP, localpref 100, weight 10, valid, internal, best, group-best, import-candidate, imported
      Received Path ID 0, Local Path ID 1, version 47
      Extended community: RT:35819:100 RT:35819:200 RT:35819:700
      Source AFI: VPNv4 Unicast, Source VRF: import-A, Source Route Distinguisher: 10.0.0.10:0

Conditions:
Destination VRF has additional and equal import/export RT
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.