On 3/10/21 1:34 AM, Greesha Mikhalkin wrote:
> I see. When i do `ping -I vrf2` to address that was leaked from vrf1
> it selects source address that's set as local in vrf1 routing table.
> Is this expected behavior? I guess, forwarding packets from vrf1 to
> vrf2 local address won't help here.
>
That's the way the source address selection works -- it takes the fib
lookup result and finds the best source address match for it.
Try adding 'src a.b.c.d' to the leaked route. e.g.,
ip ro add 172.16.1.0/24 dev red vrf blue src 172.16.2.1
where red and blue are VRFs, 172.16.2.1 is a valid source address in VRF
blue and VRF red has the reverse route installed.
