Version 32.4 adds support for leaking direct routes of specified VLAN(s) to a different Virtual Router (VR). Adjacent (directly connected) hosts are also reachable in the specified VR.
Note
This feature is an additional method for achieving Inter-VR routing without an external router. You can also allow a static route's gateway to be in a different VR by entering the configure iproute add command and specifying vlan egress_vlan, or redistribute routes from one OSPF instance to another OSPF instance in a different VR by entering the enable ospf export {vr} command.Leaked direct routes are created with origin direct-inter-vr in the leak-to-VR. These routes have a lower route priority than direct routes and a higher route priority than any other route type.
The route priority of direct-inter-vr can be modified using the iproute priority command. These routes can be redistributed to the OSPF protocol in the leak-to-VR like any other routes in the VR. OSPF‘s route redistribution command is also extended as part of this feature and includes the direct-inter-vr route type.
Note
To ping a directly attached host from the switch command line successfully, the ping command must specify the correct VR name (or use the correct command line VR context) containing the VLAN with that subnet. If another VR name or VR context is used, the ping will not be successful.Use the configure iproute add direct-inter-vr {ipv4} [{vlan} from_vlan_name | vlan from_vlan_list] {{vr} to_vr_name} command to add the direct routes of a VLAN or set of VLANs to be leaked to the leak-to-VR.
Use the configure iproute delete direct-inter-vr {ipv4} [{vlan} from_vlan_name | vlan from_vlan_list] {{vr} to_vr_name} command to delete a direct route of a VLAN or set of VLANs previously leaked to the leak-to-VR.
Use the show iproute direct-inter-vr {ipv4} {from-vr from_vr_name} {{vr} to_vr_name} command to display the configuration of Inter-VR direct routes.
A typical use case for this feature is when you have a printer IP directly attached to a switch on a VLAN in VR1. For example, a printer IP 10.1.1.222 on a VLAN names "yellow10" in VR1, with an IP address of 10.1.1.1/24. In this scenario, you want all users in VR1 and VR2 to access the printer using the same IP 10.1.1.222, without requireing an external router.
To accomplish this, you can configure the direct route of VLAN "yellow10" with IP 10.1.1.1/24 to be leaked to VR2. You can create a reverse routed path by configuring the direct route of VLAN "red20" with IP 20.1.1.1/24 in VR2 to be leaked to VR1.
By configuring direct route leaking, hardware and slow path forwarding tables are augmented to include all IP ARP entries on that interface, such as 10.1.1.222, in VR2 in addition to VR1.
Note
In this scenario, you do not want users in VR3 to access 10.1.1.0/24, on VR1 and VR2.The following example commands create or configure direct route leaking.
create vr VR1
create vlan yellow10 tag 10 vr VR1
configure yellow10 ipaddress 10.1.1.1/24
create vr VR2
create vlan red20 tag 20 vr VR2
configure red20 ipaddress 10.1.1.1/24
configure iproute add 30.1.1.0/24 20.1.1.254 vr VR2
create vr VR3
configure iproute add direct-inter-vr vlan yellow10 vr VR2
configure iproute add direct-inter-vr red20 VR1
The following example displays show command output for this feature:
# show iproute direct-inter-vr Inter-VR Direct IPv4 Routes Leaked To Virtual Router: VR1 Leak From VLAN Name VID Primary IP Addr. Leak From Virtual Router -------------------------------- ---- ------------------ ------------------------------ red20 20 20.1.1.1 /24 VR2 Inter-VR Direct IPv4 Routes Leaked To Virtual Router: VR2 Leak From VLAN Name VID Primary IP Addr. Leak From Virtual Router -------------------------------- ---- ------------------ ------------------------------ yellow10 10 10.1.1.1 /24 VR1
The following examples display the "div" origin prefix showing Direct-Inter-VR information.
# show iproute vr vr1 Ori Destination Gateway Mtr Flags VLAN Duration d 10.1.1.0/24 10.1.1.1 1 -------um---- yellow10 0d:0h:3m:12s div 20.1.1.0/24 20.1.1.1 1 -------um---- red20 0d:0h:2m:17s s 30.1.1.0/24 20.1.1.254 1 -G---S-um---- red20 0d:0h:1m:59s
# show iproute vr vr2 Ori Destination Gateway Mtr Flags VLAN Duration div 10.1.1.0/24 10.1.1.1 1 -------um---- yellow10 0d:0h:8m:39s d 20.1.1.0/24 20.1.1.1 1 -------um---- red20 0d:0h:9m:42s s 30.1.1.0/24 20.1.1.254 1 -G---S-um---- red20 0d:0h:0m:6s