VRF with IPv6
IPv6 routes support VRF. Static, connected, OSPF, and BGP routes can be isolated in different VRFs. BGP IPv6 routes can be leaked from one VRF to another.
config router bgp config vrf6 edit <origin vrf-id> config leak-target edit <target vrf-id> set route-map <route-map> set interface <interface> next end next end end
The origin or target VRF ID is an integer value from 0 - 31.
config router static6 edit <id> set vrf <vrf-id> next end
Using a VRF leak on BGP
In this example, the route 2000:5:5:5::/64 learned from Router 1 is leaked to VRF 20 through the interface vlan552. Conversely, the route 2009:3:3:3::/64 learned from Router 2 is leaked to VRF 10 through interface vlan55.
To configure VRF leaking in BGP:
-
Configure the BGP neighbors:
config router bgp set as 65412 config neighbor edit "2000:10:100:1::1" set activate disable set remote-as 20 set update-source "R150" next edit "2000:10:100:1::5" set activate disable set soft-reconfiguration enable set interface "R160" set remote-as 20 next end end
-
Configure the VLAN interfaces:
config system interface edit "vlan55" set vdom "root" set vrf 10 set ip 55.1.1.1 255.255.255.0 set device-identification enable set role lan set snmp-index 51 config ipv6 set ip6-address 2000:55::1/64 end set interface "npu0_vlink0" set vlanid 55 next edit "vlan552" set vdom "root" set vrf 20 set ip 55.1.1.2 255.255.255.0 set device-identification enable set role lan set snmp-index 53 config ipv6 set ip6-address 2000:55::2/64 end set interface "npu0_vlink1" set vlanid 55 next end
-
Configure the IPv6 prefixes:
config router prefix-list6 edit "1" config rule edit 1 set prefix6 2000:5:5:5::/64 unset ge unset le next end next edit "2" config rule edit 1 set prefix6 2009:3:3:3::/64 unset ge unset le next end next end
-
Configure the route maps:
config router route-map edit "from106" config rule edit 1 set match-ip6-address "1" next end next edit "from206" config rule edit 1 set match-ip6-address "2" next end next end
-
Configure the IPv6 route leaking (leak route 2000:5:5:5::/64 learned from Router 1 to VRF 20, then leak route 2009:3:3:3::/64 learned from Router 2 to VRF 10):
config router bgp config vrf6 edit "10" config leak-target edit "20" set route-map "from106" set interface "vlan55" next end next edit "20" config leak-target edit "10" set route-map "from206" set interface "vlan552" next end next end end
To verify the VRF leaking:
-
Check the routing table before the leak:
# get router info6 routing-table bgp Routing table for VRF=10 B 2000:5:5:5::/64 [20/0] via fe00::2000:0000:0000:00, R150, 00:19:45 Routing table for VRF=20 B 2008:3:3:3::/64 [20/0] via fe00::3000:0000:0000:00, R160, 00:18:49 B 2009:3:3:3::/64 [20/0] via fe00::3000:0000:0000:00, R160, 00:18:49
-
Check the routing table after the leak:
# get router info6 routing-table bgp Routing table for VRF=10 B 2000:5:5:5::/64 [20/0] via fe00::2000:0000:0000:0, R150, 00:25:45 B 2009:3:3:3::/64 [20/0] via fe80::10:0000:0000:4245, vlan55, 00:00:17 Routing table for VRF=20 B 2000:5:5:5::/64 [20/0] via fe80::10:0000:0000:4244, vlan552, 00:00:16 B 2008:3:3:3::/64 [20/0] via fe00::3000:0000:0000:00, R160, 00:24:49 B 2009:3:3:3::/64 [20/0] via fe00::3000:0000:0000:00, R160, 00:24:49
Using VRF on a static route
In this example, a VRF is defined on static route 22 so that it will only appear in the VRF 20 routing table.
To configure the VRF on the static route:
config router static6 edit 22 set dst 2010:2:2:2::/64 set blackhole enable set vrf 20 next end