VRF Lite with redistribution between BGP and EIGRP
Some of my posts are just things that I was pretty sure worked but wasn’t 100% on how it worked and what the exact config looked like. In these situations if I can’t find something in a blog or on the Cisco site I post something to make it easier for the next guy trying to do the same thing.
In a recent project I had a site with full L3 from the access layer up through distribution to core and MPLS CE. The CE runs BGP and peers with the PE and redistributes both ways between EIGRP and BGP. The core, distribution and access layers run EIGRP; it’s a pretty standard design nowadays. The goal of the project was to connect a device on a segregated network and have it logically segregated on the LAN using the same hardware so that it can connect to a different MPLS VPN presented over the same bearer by the MPLS provider.
To achieve this the EIGRP and BGP was pretty simple and overlaying the vrf (called RED) on top was also pretty standard. For EIGRP you can assign a separate ASN for the overlaid VRF to make things clearer to understand.
router eigrp 800 network 10.0.0.0 network 192.168.0.0 no auto-summary ! address-family ipv4 vrf RED network 10.0.0.0 network 192.168.0.0 no auto-summary autonomous-system 900 exit-address-family !
On R3 you then need to redistribute from the new ASN in your BGP process.
address-family ipv4 vrf RED redistribute eigrp 900 neighbor 192.168.0.11 remote-as 2800 neighbor 192.168.0.11 activate no synchronization exit-address-family
You don’t need to do this with BGP as MBGP ensures that you redistribute from the right vrf.
router eigrp 800 redistribute bgp 6500 metric 10000 0 255 1 1500 network 192.168.0.0 no auto-summary ! address-family ipv4 vrf RED redistribute bgp 6500 metric 10000 0 255 1 1500 network 192.168.0.0 no auto-summary autonomous-system 900 exit-address-family !
Uses of this solution include pushing dirty internet or guest network down to the access layer if you’re doing stuff like dot1x in an environment with L3 between the network tiers.
Full configs of the lab below.