Tuesday, 14 January 2020


EIGRP VRF Prefix-list and L3 VLAN routing




Requirement for this exercise.  Please find below example.

1.      To Create Layer 2 and Layer 3 Interface VLAN
2.      VLAN 1 in HeadOffice NewYork
3.      VLAN 2 in RemoteOffice Japan
4.      InterVLAN Routing across HeadOffice and Remote office
5.      Advertise New VLAN IP address range in VRF and EIGRP Routing
6.      HeadOffice to RemoteOffice Routers are running MPLS/BGP

7.      Router to Core Switches are running EIGRP in this exercise.


Commands List

Check New VLAN, Routing protocols and ACL in Core Switches and Router on both sites for new subnet IP range. New VLAN gateway IP should be PING able from both site after successfully created.
Ø  sh ip eigrp vrf Internal topology summary
Ø  ip prefix-list ACL_INTERNAL_PREFIX seq 333 permit 22.22.22.0/24 le 32
Ø  ping vrf Internal ip 22.22.22.
Ø  sh ip eigrp vrf Internal topology | i 22.22.22.
Ø  sh run | i 22.22.22.
Ø  sh vlan
Ø  sh run interface vlan 22

Note: Check ACL on Router any ACL/Prefix filter for new IP range etc... then allowed new subnet if needed. (ip prefix-list ACL_INTERNAL_PREFIX seq 333 permit 22.22.22.0/24 le 32)

Preparation Setup


1.      Create Layer 2 VLAN
2.      Create L3 VLAN and Add into vrf (EIGPR or base on your environment routing)
3.      Add prefix-list ACL if needed
4.      Ping Interface VLAN subnet IP.


New Subnet is not reflected in the EIGRP routing table yet even after creating VLAN and add to VRF for EIGRP Dynamic Routing. 1 route is missing and only 7879 routes is showing. It should be same as JapanRouter 7880 routes.

After checking routing information. Run through the configuration file (Show run). And found out ACL prefix-list is filtering for subnets. Hence, need to allow/permit new Subnet in that prefix ACL.

Check ACL on Router any ACL/Prefix filter for new IP range etc... then allowed new subnet if needed. (ip prefix-list ACL_INTERNAL_PREFIX seq 333 permit 22.22.22.0/24 le 32)




 


  
After adding Prefix ACL all routing is reflect in both site with same number of route 7880. Ping is reachable to newly created VLAN interface gateway ip address.
Check ACL on Router any ACL/Prefix filter for new IP range etc... then allowed new subnet if needed. (ip prefix-list ACL_INTERNAL_PREFIX seq 333 permit 22.22.22.0/24 le 32)






Cheers!

Yan Linn               
14-Jan-2020

No comments:

Post a Comment