vrf problem

Unanswered Question
Jun 30th, 2010

i have a router 2821 directly connected to a layer 2 switch 2950 . i have 10.24.15.1/24 as gateway for my machines and is configured on router interface fa 0/0 .

Now i have to create VRF in the router and i don't have spare interface on the router.

i am planning to configure sub - interface on fa 0/0 like fa 0/0.1 for 10.24.15.1 /24 and fa 0/0.2 for 10.24.16.1/2

ip vrf AB
rd 470X:57
route-target export 470X:57
route-target import 470X:57

int fa 0/0.1

encapsulation dot1Q

ip address 10.24.15.1 255.255.255.0

int fa 0/0.2

encapsulation dot1Q

ip vrf forwarding AB

ip address 10.24.16.1 255.255.255.0

router is directly connected to layer 2 switch .

10.24.15.1/24 users have gateway defined as 10.24.15.1

10.24.16.1/24 users have gateway defined as 10.24.16.1

i want only 10.24.16.1/24 subnet users should go through this vrf .

will this config and scenario work ??

if not , plz provide the sample config.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Nagendra Kumar ... Wed, 06/30/2010 - 07:53

Hi,

Can you explain what you are trying to acheive?.

From your description, On 2821, you will have 2 routing table (one VRF table and other one global table) with 1 connected prefix in each of the routing table.

Do you have any other WAN interface that will be part of VRF?. Are you trying to communicate between VRF and global interface on 2821 (between 10.24.15.0/24 users and 10.24.16.0/24 users)?

If you can explain more about your requirement, we can come up with solution for teh same.

Regards,

Nagendra

Chetan Kumar Ress Wed, 06/30/2010 - 07:55

Hi

Accourding to me it should work.

But the issue that you will face that you will not able to communicate with both network.

ie.

10.24.15.1/24 users have gateway defined as 10.24.15.1

10.24.16.1/24 users have gateway defined as 10.24.16.1

Because the network 10.24.16.0/24 is in VRF it will not see the global router table , So it won,t communicate with other network 10.24.15.0/24.

And if you wnat to communicate then need to add an VRF Global route.

Regards

Chetan Kumar

csc010854800 Wed, 06/30/2010 - 10:33

Thanks for your valueable reply.  Actually , i have around 100 such locations and i want to create AB vrf for all the locations.

Also , please tell me how to create VRF Global table. for this scenario.

Mohamed Sobair Wed, 06/30/2010 - 13:32

Hi,

Yes , your current config should work, You have effectively Isolated the 10.24.16 Network from being leaked to the Global routing table if this what you would like to achieve.

Vrf-lite is the best option to achieve path Isolation.

Let us know if you have any other enquiries,

Mohamed

Actions

This Discussion

Related Content