Jump to content

SD-WAN Route Leaking (Task 2.4) Question


Recommended Posts

How is everyone creating the control policy/topologies for this route leaking?

The way I see it, you could:

#1 - create two topologies, one for branches to leak 198/200 into VPN 999, and apply it directly to the branch site-ids....and another topology for the DC to leak VPN 999 into 198/200, applied directly to the DC site-id

OR

#2 - create one topology, and make your entries more specific to reference a site-id for branches and a site-id for DC, relevant to what the task asks for...and then attach both branch and DC to the policy

 

Both seem to work fine...just trying to figure out if one of them is the "wrong" way to do it based on the task.

  • Like 3
Link to comment
Share on other sites

  • 1 month later...

Don’t forget you also need to filter a prefix at the branch level. 
 

I would go with Option one because you need to filter based on the direction of the routes from the vSmarts perspective so you couldn’t filter one without filtering the other with a single policy. 

  • Like 2
Link to comment
Share on other sites

  • 3 weeks later...
  • 5 months later...

Has anyone had problems getting b1/b2 to communicate with DMVPN sites? In VPN999 template, under OMP, I redistributed OSPF External routes. However, it does not reach vEdge40/51/52.

I see that vEdge21/22 has O E2 10.6.0.0/15 installed, but I don't know why vSmart doesn't advertise to b1/b2. Would appreciate your comments.

  • Like 1
Link to comment
Share on other sites

18 hours ago, visasman said:

Has anyone had problems getting b1/b2 to communicate with DMVPN sites? In VPN999 template, under OMP, I redistributed OSPF External routes. However, it does not reach vEdge40/51/52.

I see that vEdge21/22 has O E2 10.6.0.0/15 installed, but I don't know why vSmart doesn't advertise to b1/b2. Would appreciate your comments.

  • check for prefix suppression , try clear ospf in DC.
  • Check if you're fully converged in VPNV4 - SP1
  • Thanks 1
Link to comment
Share on other sites

12 hours ago, Siscco said:
  • check for prefix suppression , try clear ospf in DC.
  • Check if you're fully converged in VPNV4 - SP1
  • I will try to clear the OSPF process to all OSPF speakers running in DC
  • Can you elaborate little more about checking VPNv4 convergence in SP#1?
Link to comment
Share on other sites

19 hours ago, visasman said:
  • I will try to clear the OSPF process to all OSPF speakers running in DC
  • Can you elaborate little more about checking VPNv4 convergence in SP#1?

Clearing the OSPF process in all DC OSPF devices solved the problem. 👍

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...