Cisco VRF and multiple VM Servers across a trunked port

fbarnett · ‎02-09-2010

I'm setting up a new VRF and VLAN and trying to get a VM Server to work in this VLAN. This is an existing VM with servers in multiple VLAN's.

The new VM server instance needs to be in this VRF/VLAN. I've added the vlan to the trunks allowed on the physical port but the server is unreachable. Do I need to add "ip vrf forwarding xxxx" to the interface? Does this affect any of the other servers?

Reza Sharifi · ‎02-09-2010

Hello Fbarnett,

Yes, under the vlan interface, you need to add "ip vrf forwarding xxxx".

It does have an effect once you add this vlan to a vrf. It will not be able to communicate with other vlans in the global routing table unless you do vrf to Global leaking.

http://www-china.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/vrf.pdf

HTH

Reza

Giuseppe Larosa · ‎02-09-2010

Hello Fbarnett,

only the L3 interface SVI vlan x has to be associated to the vrf with ip vrf forwarding command.

the physical port has to be configured as L2 trunk.

for testing ip connectivity in VRF you need to use

ping vrf VRF-name server-ipaddress

at the same mode there are per vrf commands like

sh ip arp vrf VRF-name

sh ip arp vrf VRF-name | inc server-ipaddress

you can then compare mac address with MAC address learned on L2 port to confirm it is your server answering.

As noted by Reza, the networks that can reach the new server in VRF are those in the same VRF/VPN on other VRFs/VPNs if there is an extranet.

The server can be reached by global routing table if route leakage is implemented.

Hope to help

Giuseppe