Configuring Route Import Between VPN and Public Network Instances

Route import between VPN and public network instances enables VPN users and public network users to communicate.

Procedure

Configure route import between VPN and public network instances.

If you do not want a VPN instance to change the next hops of routes imported from the public network instance or other VPN instances when advertising these routes to its IBGP peers, run the import-rib route next-hop-invariable command for the VPN instance.
1. Run system-view
  The system view is displayed.
2. Configure the device to import different types of VPN routes to the public network instance's corresponding routing tables.
  - To configure the device to import direct routes from a VPN instance to the public network instance's corresponding routing table, run the ip import-rib vpn-instance vpn-instance-name protocol direct [ route-policy route-policy-name | route-filter route-filter-name ] command.
  - To configure the device to import Vlink direct routes from a VPN instance to the public network instance's corresponding routing table, run the ip import-rib vpn-instance vpn-instance-name protocol vlink-direct-route [ route-policy route-policy-name | route-filter route-filter-name ] command.
  - To configure the device to import static or IGP routes from a VPN instance to the public network instance's corresponding routing table, run the ip import-rib vpn-instance vpn-instance-name protocol { static | isis process-id | ospf process-id } [ valid-route ] [ route-policy route-policy-name | route-filter route-filter-name ] command.
  - Configure the device to import BGP routes from a VPN instance to the public network instance's BGP routing table.
    1. Run bgp as-number
      
      The BGP view is displayed.
    2. Run ipv4-family unicast
      
      The BGP-IPv4 unicast address family view is displayed.
    3. Run import-rib vpn-instance vpn-instance-name [ include-label-route ] [ valid-route ] [ route-policy route-policy-name | route-filter route-filter-name ]
      
      The device is configured to import BGP routes from a VPN instance to the public network instance's BGP routing table.
    4. Run quit
      
      Return to the BGP view.
    5. Run quit
      
      Return to the system view.
3. Configure the device to import different types of routes from the public network instance to a VPN instance's corresponding routing tables.
  - Configure the device to import direct routes, static routes, or IGP routes from the public network instance to a VPN instance's corresponding routing table.
    1. Run ip vpn-instance vpn-instance-name
      
      A VPN instance is created, and its view is displayed.
    2. Run ipv4-family
      
      The VPN instance IPv4 address family view is displayed.
    3. Run import-rib public protocol { direct | vlink-direct-route | { static | isis process-id | ospf process-id } [ valid-route ] } [ route-policy route-policy-name ]
      
      The device is configured to import direct routes, Vlink direct routes, static routes, or IGP routes from the public network instance to a VPN instance's corresponding routing table.
  - Configure the device to import BGP routes from the public network instance to a VPN instance's BGP routing table.
    1. Run bgp as-number
      
      The BGP view is displayed.
    2. Run ipv4-family vpn-instance vpn-instance-name
      
      The BGP VPN instance IPv4 address family view is displayed.
    3. Run import-rib public [ include-label-route ] [ valid-route ] [ route-policy route-policy-name | route-filter route-filter-name ]
      
      The device is configured to import BGP routes from the public network instance to a VPN instance's BGP routing table.
  - Configure the device to import BGP labeled routes from the public network instance's labeled address family to a VPN instance's BGP routing table.
    1. Run bgp as-number
      
      The BGP view is displayed.
    2. Run ipv4-family vpn-instance vpn-instance-name
      
      The BGP VPN instance IPv4 address family view is displayed.
    3. Run import-rib public labeled-unicast [ valid-route ] { route-policy route-policy-name | route-filter route-filter-name }
      
      The device is configured to import BGP labeled routes from the public network instance's labeled address family to a VPN instance's BGP routing table.
  - Configure the device to import BGP labeled routes from the public network instance's labeled address family to a VPN instance's routing table for the BGP labeled address family.
    1. Run bgp { as-number-plain | as-number-dot }
      
      The BGP view is displayed.
    2. Run ipv4-labeled-unicast vpn-instance vpn-instance-name
      
      The BGP labeled VPN instance IPv4 address family view is displayed.
    3. Run import-rib public labeled-unicast [ valid-route ] { route-policy route-policy-name | route-filter route-filter-name }
      
      The device is configured to import BGP labeled routes from the public network instance's labeled address family to a VPN instance's routing table for the BGP labeled address family.
  - Configure the device to import BGP routes from the public network instance to a VPN instance's routing table for the BGP labeled address family.
    1. Run bgp { as-number-plain | as-number-dot }
      
      The BGP view is displayed.
    2. Run ipv4-labeled-unicast vpn-instance vpn-instance-name
      
      The BGP labeled VPN instance IPv4 address family view is displayed.
    3. Run import-rib public [ include-label-route ] [ valid-route ] [ route-policy route-policy-name | route-filter route-filter-name ]
      
      The device is configured to import BGP routes from the public network instance to a VPN instance's routing table for the BGP labeled address family.
4. Run commit
  The configuration is committed.