Interleak Redistribution for MP-BGP

This chapter contains the following sections:

Overview Interleak Redistribution for MP-BGP

This topic provides how to configure an interleak redistribution in the Cisco Application Centric Infrastructure (ACI) fabric using Cisco Application Policy Infrastructure Controller (APIC).

In Cisco ACI, a border leaf node on which Layer 3 Outsides (L3Outs) are deployed redistributes L3Out routes to the BGP IPv4/IPv6 address family and then to the MP-BGP VPNv4/VPNv6 address family along with the VRF information so that L3Out routes are distributed from a border leaf node to other leaf nodes through the spine nodes. Interleak redistribution in the Cisco ACI fabric refers to this redistribution of L3Out routes to the BGP IPv4/IPv6 address family. By default, interleak happens for all L3Out routes, such as routes learned through dynamic routing protocols, static routes, and directly-connected subnets of L3Out interfaces, except for routes learned through BGP. Routes learned through BGP are already in the BGP IPv4/IPv6 table and are ready to be exported to MP-BGP VPNv4/VPNv6 without interleak.

Interleak redistribution allows users to apply a route-map to redistribute L3Out routes selectively into BGP to control which routes should be visible to other leaf nodes, or to set some attributes to the routes, such as BGP community, preference, metric, and so on. This redistribution enables selective transit routing to be performed on another border leaf node based on the attributes set by the ingress border leaf node or so that other leaf nodes can prefer routes from one border leaf node to another.

Applying a route map to interleak redistribution from OSPF and EIGRP routes has been available in earlier releases.

Configuring a Route Map for Interleak Redistribution Using the GUI

Route maps for interleak redistribution can be created under Tenant > Policies > Protocol > Route Maps for BGP Dampening, Inter-leak.

Before you begin

Create the tenant.

Procedure

Step 1

On the menu bar, click Tenants.

Step 2

In the Work pane, double click the tenant's name.

Step 3

In the Navigation pane, expand tenant_name > Policies > Protocol > Route Maps for BGP Dampening, Inter-leak.

Step 4

Right-click Route Maps for BGP Dampening, Inter-leak and click Create Route Maps for BGP Dampening, Inter-leak.

Step 5

In the Create Route Maps for BGP Dampening, Inter-leak dialog box, perform the following actions:

  1. In the Name field, enter a name for the route map to control interleak (redistribution to BGP).

  2. In the Type field, you must choose Match Routing Policy Only.

Step 6

In the Contexts area, click the + sign to open the Create Route Control Context dialog box, and perform the following actions:

  1. Populate the Order and the Name fields as desired.

  2. In the Action field, choose Permit.

  3. In the Match Rule field, choose your desired match rule or create a new one.

  4. In the Set Rule field, choose your desired set rule or create a new one.

  5. Click OK.

Repeat this step for each route control context that you need to create.

Step 7

In the Create Route Maps for BGP Dampening, Inter-leak dialog box, click Submit.

Applying a Route Map for Interleak Redistribution Using the GUI

A route map to customize interleak redistribution from a specific L3Out must be applied through the L3Out.

Before you begin

Create the tenant, VRF, and L3Out.

Procedure

Step 1

On the menu bar, click Tenants.

Step 2

In the Work pane, double click the tenant's name.

Step 3

In the Navigation pane, expand tenant_name > Networking > L3Outs > L3Out_name.

Step 4

Click the Policy > Main tab to access the Properties window for this L3Out.

Step 5

For the OSPF or EIGRP routes, perform the following actions:

  1. In the Route Profile for Interleak field, choose or create a route map/profile.

  2. In the Work pane, click Submit, then Submit Changes.

Configuring Interleak Redistribution Using the NX-OS-Style CLI

The following procedure describes how to configure the interleak redistribution using the NX-OS-style CLI.

Before you begin

Create the tenant, VRF, and L3Out.

Procedure

Step 1

Configure the route map for interleak redistribution for the border leaf node.

Example:

The following example configures the route map CLI_RP with an IP prefix-list CLI_PFX1 for tenant CLI_TEST and VRF VRF1: 

apic1# conf t
apic1(config)# leaf 101
apic1(config-leaf)# vrf context tenant CLI_TEST vrf VRF1
apic1(config-leaf-vrf)# route-map CLI_RP
apic1(config-leaf-vrf-route-map)# ip prefix-list CLI_PFX1 permit 192.168.1.0/24
apic1(config-leaf-vrf-route-map)# match prefix-list CLI_PFX1 [deny]

Step 2

Configure the interleak redistribution using the configured route-map.

Example:

The following example configures the redistribution of OSPF routes with the configured route map CLI_RP: 

apic1# conf t
apic1(config)# leaf 101
apic1(config-leaf)# router bgp 65001
apic1(config-leaf-bgp)# vrf member tenant CLI_TEST vrf VRF1
apic1(config-leaf-bgp-vrf)# redistribute ospf route-map CLI_RP

Configuring Interleak Redistribution Using the REST API

The following procedure describes how to configure the interleak redistribution using the REST API.

Before you begin

Create the tenant, VRF, and L3Out.

Procedure

Step 1

Configure the route-map for interleak redistribution.

Example:

The following example configures a route map INTERLEAK_RP with two contexts (ROUTES_A and ROUTES_ALL). The first context ROUTES_A matches with an IP prefix-list 10.0.0.0/24 le 32 to set a community attribute via set rule COM_A. The second context matches with all routes. 

POST: https://<APIC IP>/api/mo/uni.xml
BODY:
<fvTenant dn="uni/tn-SAMPLE">
    <!-- route map with two contexts (ROUTES_A and ROUTES_ALL)-->
    <rtctrlProfile type="global" name="INTERLEAK_RP">
        <rtctrlCtxP name="ROUTES_A" order="0" action="permit">
            <rtctrlRsCtxPToSubjP tnRtctrlSubjPName="PFX_10-0-0-0_24"/>
            <rtctrlScope>
                <rtctrlRsScopeToAttrP tnRtctrlAttrPName="COM_A"/>
            </rtctrlScope>
        </rtctrlCtxP>
        <rtctrlCtxP name="ROUTES_ALL" order="9" action="permit">
            <rtctrlRsCtxPToSubjP tnRtctrlSubjPName="ALL_PREFIX"/>
        </rtctrlCtxP>
    </rtctrlProfile>

    <!-- match rule with an IP prefix-list -->
    <rtctrlSubjP name="ALL_PREFIX">
        <rtctrlMatchRtDest ip="0.0.0.0/0" aggregate="yes"/>
    </rtctrlSubjP>

    <!-- match rule with an IP prefix-list -->
    <rtctrlSubjP name="PFX_10-0-0-0_24">
        <rtctrlMatchRtDest ip="10.0.0.0/24" aggregate="yes"/>
    </rtctrlSubjP>

    <!-- setu rule for community attribute -->
    <rtctrlAttrP name="COM_A">
        <rtctrlSetComm type="community" setCriteria="append" community="regular:as2-nn2:100:200"/>
    </rtctrlAttrP>
</fvTenant>

Step 2

Apply the configured route map to an L3Out.

The following example applies the route map from Step 1 to L3Out l3out1 to customize interleak redistribution of OSPF or EIGRP routes of the given L3Out.

L3extRsInterleakPol is applied for dynamic routing protocol (OSPF/EIGRP) routes used by the given L3Out.

Example:

POST: https://<APIC IP>/api/mo/uni.xml
BODY:
<fvTenant dn="uni/tn-SAMPLE">
    <l3extOut name="l3out1">
        <!-- interleak redistribution for OSPF/EIGRP routes -->
        <l3extRsInterleakPol tnRtctrlProfileName="INTERLEAK_RP"/>
    </l3extOut>
</fvTenant>