sharing global routing table with vrf for intra-as traffic

sding2006 · ‎10-02-2007

We have a network block of 10.201.0.0/16 which is divided into two subnet 10.201.0.0/18 and 10.201.192.0/18. We are getting a internet feed for each subnet.

10.201.192.0/18 is in global routing table, and 10.201.0.0/18 is in a vrf-lite green.

I am thinking doing the following:

...........HUB

............/.\

VL199/....\VL198

........../......\

SPOKE1 SPOKE2

Hub and spoke are from perspective of vrf green.

For vrf green in the HUB:

ip route vrf green 10.201.0.0 255.255 255.192 vlan 199

ip route vrf green 10.201.64.0 255.255.255.192 vlan198

SPOKE1

ip route 0.0.0.0 0.0.0.0 vlan199

SPOKE2

ip route 0.0.0.0 0.0.0.0 vlan198

Suppose we already get the 2 internet feeds to HUB route with vrf green and global routing table. This should get vrf green going.

But we also have global routing table on the HUB router.

We would like to have 10.201.0.0/16 communicating with each other, and only keep internet default separated.

How should we get to 10.201.0.0/18 from global routing table and how should we get to 10.201.192.0/18 from SPOKE[12]?

sding2006 · ‎10-08-2007

In my lab, I have 2 ports configured.

int gi1/2

ip vrf forward green

ip address 10.201.192.253 255.255.255.252

int gi1/1

ip address 10.201.192.254 255.255.255.252

ip route 10.201.0.0 255.255.192.0 gi1/2

ip route vrf 10.201.192.0 255.255.192.0 gi1/1 10.201.192.254

This way, from vrf green to global has go through HUB. and vrf greens will also go through greens.

Is there any other much elegant way for this purpose?

swaroop.potdar · ‎10-08-2007

Since you have global table only at the HUB, rather than doing a conventional route leak you can do a physical loopback between 2 interfaces at the HUB, and populate one end with the VRF. So you can inject all the global routes into your VRF. So VRF users can come till hub and exit out the loopbacked interface back to global table, and global users can go directly.

HTH-Cheers,

Swaroop