vrf problem

Unanswered Question
Jun 30th, 2010
User Badges:

i have a router 2821 directly connected to a layer 2 switch 2950 . i have as gateway for my machines and is configured on router interface fa 0/0 .

Now i have to create VRF in the router and i don't have spare interface on the router.

i am planning to configure sub - interface on fa 0/0 like fa 0/0.1 for /24 and fa 0/0.2 for

ip vrf AB
rd 470X:57
route-target export 470X:57
route-target import 470X:57

int fa 0/0.1

encapsulation dot1Q

ip address

int fa 0/0.2

encapsulation dot1Q

ip vrf forwarding AB

ip address

router is directly connected to layer 2 switch . users have gateway defined as users have gateway defined as

i want only subnet users should go through this vrf .

will this config and scenario work ??

if not , plz provide the sample config.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Nagendra Kumar ... Wed, 06/30/2010 - 07:53
User Badges:
  • Cisco Employee,


Can you explain what you are trying to acheive?.

From your description, On 2821, you will have 2 routing table (one VRF table and other one global table) with 1 connected prefix in each of the routing table.

Do you have any other WAN interface that will be part of VRF?. Are you trying to communicate between VRF and global interface on 2821 (between users and users)?

If you can explain more about your requirement, we can come up with solution for teh same.



Chetan Kumar Ress Wed, 06/30/2010 - 07:55
User Badges:
  • Silver, 250 points or more


Accourding to me it should work.

But the issue that you will face that you will not able to communicate with both network.

ie. users have gateway defined as users have gateway defined as

Because the network is in VRF it will not see the global router table , So it won,t communicate with other network

And if you wnat to communicate then need to add an VRF Global route.


Chetan Kumar

csc010854800 Wed, 06/30/2010 - 10:33
User Badges:

Thanks for your valueable reply.  Actually , i have around 100 such locations and i want to create AB vrf for all the locations.

Also , please tell me how to create VRF Global table. for this scenario.

Chetan Kumar Ress Wed, 06/30/2010 - 11:36
User Badges:
  • Silver, 250 points or more


Here is the example :

ip route vrf  (AB-VRF) (data center gatway) global

Global term need to add in static route , So it will use you Global routing tble.

For more Please refer the https://supportforums.cisco.com/message/3109678

Here you will get an good idea .


Chetan Kumar

Mohamed Sobair Wed, 06/30/2010 - 13:32
User Badges:
  • Gold, 750 points or more


Yes , your current config should work, You have effectively Isolated the 10.24.16 Network from being leaked to the Global routing table if this what you would like to achieve.

Vrf-lite is the best option to achieve path Isolation.

Let us know if you have any other enquiries,



This Discussion

Related Content