Route leak between GRT and vpn-instance for interfaces on same router.

Created: Jul 29, 2020 18:17:00
Latest reply: Aug 3, 2020 07:51:20
  HiCoins as reward: 0 (problem unresolved)

Hi,


I've searched this forum for this use case and it seems that on Huawei devices it's not possible to do route leaking between the GRT (global routing table) and a vpn-instance for interfaces on the same router.


I would like to know if anyone has any more information besides what I encountered.


Case1:


Router1 (Huawei AR)

vlan1 - grt - subnet1

vlan2 - vpn-instance1 subnet2

vlan3 - vpn-instance1 subnet3

vlan4 - vpn-instance2 subnet4


I need to allow subnet3 from vpn-instance1 to reach subnet1 and vice-versa.


I can't use static routes because I'm using interfaces that belong to the same router (nexthop issue). There's another possibility using interface PBR: I can use a traffic behavior to redirect the traffic from the GRT to a vpn-instance, but I can't find a method to do the opposite.


I don't know if anyone from Huawei participates on this forum and would be able to provide any help. As a last resort I will try to open a support case.


Best regards


 



Featured Answers

Recommended answer

Popeye_Wang
Admin Created Jul 30, 2020 00:54:27

Hi,
The Public network routes and the VPN routes must have different next hops. Therefore, I think the most effective and convenient way is to configure static routes. Please refer to:
https://support.huawei.com/enterprise/en/knowledge/EKB1001162886
or
https://forum.huawei.com/enterprise/en/route-leaking-between-vpn-instance/thread/576736-863
I hope this helps.

Ivanleonardo
Created Jul 30, 2020 17:58:43
Hi, thanks for your answer, but both examples don't apply to my use case.

"https://support.huawei.com/enterprise/en/knowledge/EKB1001162886": this example is used for traffic passing to another router.

"https://forum.huawei.com/enterprise/en/route-leaking-between-vpn-instance/thread/576736-863": it's only suitable for use cases between vpn-instances.

My use case is for traffic only on the same router and between the public routing table and a vpn-instance.

Regards 
All Answers
Hi user,

Thanks for your question in the Support Forum.

One of our experts will answer you soon.

Regards,

HAzcanio

Posted by Popeye_Wang at 2020-07-30 00:54 Hi,The Public network routes and the VPN routes must have different next hops. Therefore, I think th ...

In the post 576736-863, G0/0/0 of R2 belongs to the VPN, and G0/0/1 belongs to the public network. It should be similar to what you described. AR routers do not support the function of importing the IPv4 route between VPN and public network instances Static routing like NE router. Using the static route is a viable approach. You can ask the TAC whether there are other methods.

I wish you all the best.

