cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
396
Views
0
Helpful
4
Replies

Is it opssible to use route target w/ VRF Lite on 3750G?

huangedmc
Level 3
Level 3

We have a need to set up a MAN to inter-connect multiple sites in a metropolitan area.

The sites will be connected via a 1-Gbps fiber ring.

Each location has multiple vlans, and one of the requirements is to isolate the vlans so that they can't communicate w/ each other.

One exception is the "service vlan" that contains servers & printers, which all vlans should be able to talk to.

A vlan / user group should still be able to talk to the same user group at the other locations.

We plan on running OSPF to provide routing between the locations, but are not sure how to handle the VLAN segregation and provide connectivity to the service vlan at the same time.

We'll definitely NOT do ACL's because the administrative overhead is just too much.

We're thinking about VRF Lite, so basically each VLAN will be assigned an RD.

We'd also like to use route targets to control which VLAN's can communicate w/ the other VLAN's.

However, we're not sure if this would work w/ VRF Lite, or if the full blown VRF & MPLS are required.

If the latter, we're screwed because we don't have the necessary hardware to support MPLS and gig speed at these locations. (we have a bunch of 2800/3800 routers but they can't handle the traffic rate)

4 Replies 4

Harold Ritter
Cisco Employee
Cisco Employee

Kevin,

You do not need a full blown MPLS deployment in order to do import/export. You can use RTs to control import/export in the context of VRF-Lite as well. You will need to configure BGP though as the import/export process is performed by the BGP process.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Harold,

Thank you for the prompt response.

So we'll need to run BGP on top of OSPF in order to utilize RT to control vlan access.

Is this something you'd recommend based on the requirements I've mentioned above?

We initially chose not to run BGP because we have a high speed fiber ring, and we wanted sub-second convergence.

Even if we fine-tune the BGP timers from 60/180 to something like 10/30, it's still not as fast as OSPF.

Or do you think the benefits of running BGP & VRF-Lite outweighs drawbacks such as slow convergence?

you need to deploy Extranet VPN...probably if you re going for vrf-lite you left with no option but to create sub-interfaces on each link......and you have to deploy bgp on single central router to implement the extranest feature...that is do the import and export......

Kevin,

You can still run OSPF as an IGP. BGP will solely be used to import/export routes between VRFs.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: