Inter-VPRN Routing & Route Leaking

[cshultz]

Hello all, I'm setting up a new SR-2S on 22.10 and I'm having issues getting VPRNs to leak routes to eachother using vrf-export and vrf import. I've tried every combination of policy and vrd-target I can think of but nothing has worked. Interestingly enough leaking to GRT does work and so does routing to the GRT. Below is a configuration snippet from VPRN in question along with it's vrf-export and vrd-import policies. Notice though I do have entries in the policies I've set the default action to accept. Any assistance would be greatly appreciated!

*A:OPHE-7750-01>config>service>vprn# info
----------------------------------------------
description "Network Services VPRN"
autonomous-system 22987
interface "To-OPHE-FW-01" create
description "Interface from OPHE-7750-01 to OPHE-FW-01"
address 10.80.88.13/30
sap lag-10:1010.0 create
exit
exit
static-route-entry 0.0.0.0/0
grt
no shutdown
exit
exit
grt-lookup
enable-grt
exit
export-grt "VPRN-2010-GRT-EXPORT"
exit
bgp-ipvpn
mpls
route-distinguisher 10.40.9.1:2010
vrf-import "VPRN-2010-VRF-IMPORT"
vrf-export "VPRN-2010-VRF-EXPORT"
vrf-target export target2010 import target2005
no shutdown
exit
exit
bgp
group "OPHE-FW-01"
family ipv4
import "OPHE-FW-01_Import"
export "OPHE-FW-01_Export"
peer-as 64999
neighbor 10.80.88.14
exit
exit
no shutdown
exit
no shutdown
----------------------------------------------

*A:OPHE-7750-01# show router policy "VPRN-2010-VRF-EXPORT"
description "Policy statement for VPRN 2010 VRF export."
entry 10
description "From prefix-list NETWORK-SERVICES which will have DHCP, DNS, NTP subnets"
from
prefix-list "NETWORK-SERVICES"
exit
action accept
community add "2010"
exit
exit
entry 20
description "Allow directly connected"
from
protocol direct
exit
action accept
community add "2010"
exit
exit
default-action accept
exit

*A:OPHE-7750-01# show router policy "VPRN-2010-VRF-IMPORT"
description "Policy statement for VPRN 2010 VRF import."
entry 10
from
community "2005"
exit
action accept
exit
exit
default-action accept
exit

[cshultz]

Forgot to add community information!
community "2010" members "target2010"
community "2005" members "target2005"

[paramount]

Hi,

Although this will be a backplane type of function, I am pretty certain you will need to enable the bgp-vpn address family as that looks missing from your configs.

Otherwise I don’t think any process will pick up these prefixes for you.

Thanks
Paramount

[cshultz]

Wanted to post an update as I found the fix! I didn't have BGP enabled in the default routing instance just yet, when I enabled it, VRF route leaking started to work! So for those struggling with the same issue, make sure BGP is configured in the base routing instance!

[paramount]

Thanks for the update, my mistake, I was reading your bgp config as if it were global.
Great that it's all working for you now.

Paramount