I am looking at emulating a system similar to the following using VRF-lite on a 3750. Please see the attached diagram.
1) The hosts share "Virtual IP addresses" and announce which ones they have to the upstream routers, then on up to the firewall and the rest of the network. These routers are responsible for informing the firewall so it knows the precise path to any VIP. Any VIP could be on any host at any time.
2) There are always two paths to each host. Each interface on each host is in a small subnet with the router interface it is connected to.
3) The routers and hosts are geographically separate. The firewall joins them together.
The whole idea is to ensure there is always a path to the VIPs, and that there is at least always one path to any host.
Basically, this is an emulation of a redundant pair of layer 3 switches at each site.
What I want to try and do is create this inside a single layer 3 switch for testing and development purposes.
I would imagine that to do this would require say 4 VRFs, two for each site. Each one running BGP to communicate to the hosts, and EIGRP to communicate to the firewall (needed because it doesn't support BGP, go figure).
I have a stack of 3750s in the network that can accomplish this. They are however production and I would not want to play around with them until I have a plausible plan documented.
Can someone please look over this and let me know if it is plausible, and any apparent pitfalls?
I understand it is a crazy scenario, but I am stuck with it.
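For reference, this is an added example sketch of what one of the four VRFs could look like on a 3750 in VRF-lite, not configuration from the original post or from any deployed switch. All VRF names, VLAN numbers, addresses, AS numbers and the VIP range are assumptions; the other three VRFs follow the same pattern with their own interfaces and neighbors. The hosts peer eBGP with the VRF, the VRF runs EIGRP toward the firewall in the same address family, and the two protocols are redistributed into each other. The inbound prefix list and maximum-prefix limit are there so a host can only inject /32 VIPs from the agreed range, which is the check a practitioner would want before letting hosts announce routes into the network.

```cisco
! --- VRF definition (one of four: two per emulated site) ---
ip vrf SITE1-RTR1
 rd 65001:11
!
! --- Only /32 VIPs out of the assumed VIP range may be learned from a host ---
ip prefix-list VIPS-ONLY seq 5 permit 10.200.0.0/24 ge 32 le 32
ip prefix-list VIPS-ONLY seq 100 deny 0.0.0.0/0 le 32
!
! --- Point-to-point /30 toward a host (one per host interface) ---
interface Vlan111
 description SITE1-RTR1 -> HOST-A eth0 (assumed)
 ip vrf forwarding SITE1-RTR1
 ip address 10.1.11.1 255.255.255.252
!
! --- Link from this VRF toward the firewall (assumed VLAN) ---
interface Vlan191
 description SITE1-RTR1 -> firewall (assumed)
 ip vrf forwarding SITE1-RTR1
 ip address 10.9.11.1 255.255.255.252
!
! --- eBGP with the host inside the VRF address family ---
router bgp 65001
 bgp log-neighbor-changes
 address-family ipv4 vrf SITE1-RTR1
  neighbor 10.1.11.2 remote-as 65111
  neighbor 10.1.11.2 description HOST-A (assumed AS)
  neighbor 10.1.11.2 activate
  neighbor 10.1.11.2 prefix-list VIPS-ONLY in
  neighbor 10.1.11.2 maximum-prefix 50
  redistribute eigrp 100
 exit-address-family
!
! --- EIGRP toward the firewall, carrying the VIPs learned via BGP ---
router eigrp 100
 address-family ipv4 vrf SITE1-RTR1
  autonomous-system 100
  network 10.9.11.0 0.0.0.3
  no auto-summary
  redistribute bgp 65001 metric 100000 100 255 1 1500
 exit-address-family
```

Two pitfalls worth checking on the lab box: VRF-lite on the 3750 needs the IP Services feature set and an SDM template that allocates routing resources, and since the four VRFs live on one switch they only see each other through the firewall-facing links, so the "two paths to every host" property depends on each host having a /30 into a different VRF rather than on anything inside the switch. Verify with `show ip route vrf SITE1-RTR1` and `show ip bgp vpnv4 vrf SITE1-RTR1` that the VIPs arrive via BGP and leave via EIGRP before moving the design to production.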