11-26-2008 05:12 PM - edited 03-06-2019 02:42 AM
I have requirements to route between to different subnets but need to isolate the routing from other interfaces on the router. I have a 6509 and need to integrate an old route that is not up to par. I was looking at map-routes to keep the routing on the two interfaces correct, but I am need to also stop the other routed traffic from seeing the two isolated segments and interfaces. When I assign the interface vlan (with an IP Address) an entry is added to the route table (RIP) and could be used by other local traffic.
Can I remove the route entry or use a âprivate vlanâ to stop communication between the two routing environments
Thanks
Dan
11-27-2008 03:54 AM
Dan
If you want completely separate routing tables then you need to look at something like vrf-lite. Attached is a link to a doc that explains the concept of vrf-lite -
http://www.cisco.com/en/US/docs/solutions/Enterprise/Network_Virtualization/PathIsol.html#wp80419
If you want to configure it just do a search on Cisco site for "4500 vrf-lite". For some reason i can never find the 6500 vrf-lite configuration but it is the same.
Vrf-lite allows you to associate interfaces to specific vrf's and each vrf has it's own independent routing table.
Jon
11-27-2008 04:49 AM
hello Dan, Jon
I agree with Jon the best tool here is an MPLS VRF: Virtual routing table:
Example:
ip vrf Legacy
rd yourBGPASnumber:100
int vlan X | gi x/y
ip vrf forwarding Legacy
! retype the ip address !!
int vlan Y | gi z/k
ip vrf forwarding Legacy
! retype the ip address !!
This put the two interfaces in a separate routing table.
You can also run routing protocol over it
router rip
version 2
address-family ipv4 vrf Legacy
network x.x.x.x
Hope to help
Giuseppe
11-27-2008 04:01 AM
Can't you just use ACL's to regulate whats going in and out of those subnets ?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: