VRF configuration on subinterface and VLAN subinterface

Unanswered Question
Apr 9th, 2008

Hi

Can I configure VRFs on subinterface (physical and VLAN) basis in a normal BGP/MPLS VPN configuration.

Thanks

VK

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mohammedmahmoud Wed, 04/09/2008 - 02:33

Hi,

As an abstract answer yes you can, but if you are facing a specific issue, then please elaborate more.

BR,

Mohammed Mahmoud.

nakulvkumar Wed, 04/09/2008 - 03:04

Hi Mohammed,

Thanks for your response, the reason I asked is that in some of the Cisco documents I have come across I saw conflicting statements to the same.

Some say it is supported, some say it isn't.

Hence wanted to know of platform specific limitations, if any.

Waiting for your response.

Thanks and Regards..

mohammedmahmoud Wed, 04/09/2008 - 03:41

Hi Nakul,

You might have hit outdated documents, or platform having specific limitations. We can discuss the statements you've found if you like, what platforms and interfaces are we talking about, for example the below is a VRF applied under an Ethernet subinterface:

!

interface FastEthernet0/1.1

encapsulation dot1Q 100

ip vrf forwarding test

ip address 1.1.1.1 255.255.255.0

BR,

Mohammed Mahmoud.

sultan-shaikh Thu, 04/10/2008 - 19:36

Hi,

Though practically speaking we can configure different VRFs on the subinterface level, but what I have seen we need to disable CEF for the same, saw this on 7200 platform. Disabling CEF would mean we cannot run MPLS isn't it. So I can see this usage in cases we are using VRF without MPLS.

What are your thoughts.

Thanks

Cheers

~sultan

mohammedmahmoud Sat, 04/12/2008 - 01:40

Hi Sultan,

I work for a service provider, we do provide MPLS VPNs, and we do configure VRF per-subinterfaces on our PEs per each customer site, we do this on ATM and GE subinterfaces, moreover the most common platform that we use is the 7200 (NPE-G1), can you elaborate more on the case you are talking about.

BR,

Mohammed Mahmoud.

sultan-shaikh Sun, 04/13/2008 - 19:39

Hi Mohammed,

Thanks for your response, my response was on that basis of one test I had done a few months back (haven't checked recently though), i.e.: VRF per sub-interface per customer via dot1q encapsulation.

While giving IP address to that subinterface I got a message stating that CEP needs to be disabled.

So my conclusion, based on my limited knowledge, was that if I am disabling CEF my MPLS won't work, hence I did not, at that time, consider this option.

Please reply..

Thanks

Cheers

~sultan

Can you calrify that to me please.

mohammedmahmoud Mon, 04/14/2008 - 01:46

Hi Sultan,

You are very welcomed, i'd be more than glade to help you out your confusion, below is the output of one of my lab PEs, and moreover i've in production customers running with this setup, i've never faced the issue you are describing, if you can regenerate the test you are describing we can elaborate on it:

!

interface FastEthernet0/0

no ip address

!

interface FastEthernet0/0.1

encapsulation dot1Q 101

ip vrf forwarding a

ip address 101.101.101.1 255.255.255.252

!

interface FastEthernet0/0.2

encapsulation dot1Q 202

ip vrf forwarding b

ip address 202.202.202.1 255.255.255.252

This is a 7200VXR (NPE-300) running "c7200-p-mz.122-25.S14.bin".

BR,

Mohammed Mahmoud.

sultan-shaikh Mon, 04/14/2008 - 02:16

Hello Mohammed,

Thanks for your response. I agree with you, even I am doing that configuration. My point is that when I completed the encapsulation part and am giving the IP Address I get an error message saying that "CEF needs to be disabled to give IP address", though the IP is accepted.

I hope this is clear, I don't have the logs or the exact message or IOS version with me as I saw this a few months ago. I can though try and check whether I can replicate this again.

Thanks

Cheers

~sultan

Actions

This Discussion