Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1503
Views
0
Helpful
5
Replies

vrf problem

csc010854800
Level 1
Level 1

‎06-30-2010 07:16 AM

i have a router 2821 directly connected to a layer 2 switch 2950 . i have 10.24.15.1/24 as gateway for my machines and is configured on router interface fa 0/0 .

Now i have to create VRF in the router and i don't have spare interface on the router.

i am planning to configure sub - interface on fa 0/0 like fa 0/0.1 for 10.24.15.1 /24 and fa 0/0.2 for 10.24.16.1/2

ip vrf AB
rd 470X:57
route-target export 470X:57
route-target import 470X:57

int fa 0/0.1

encapsulation dot1Q

ip address 10.24.15.1 255.255.255.0

int fa 0/0.2

encapsulation dot1Q

ip vrf forwarding AB

ip address 10.24.16.1 255.255.255.0

router is directly connected to layer 2 switch .

10.24.15.1/24 users have gateway defined as 10.24.15.1

10.24.16.1/24 users have gateway defined as 10.24.16.1

i want only 10.24.16.1/24 subnet users should go through this vrf .

will this config and scenario work ??

if not , plz provide the sample config.

Labels:
0 Helpful
5 Replies 5

Nagendra Kumar Nainar
Cisco Employee
Cisco Employee

‎06-30-2010 07:53 AM

Hi,

Can you explain what you are trying to acheive?.

From your description, On 2821, you will have 2 routing table (one VRF table and other one global table) with 1 connected prefix in each of the routing table.

Do you have any other WAN interface that will be part of VRF?. Are you trying to communicate between VRF and global interface on 2821 (between 10.24.15.0/24 users and 10.24.16.0/24 users)?

If you can explain more about your requirement, we can come up with solution for teh same.

Regards,

Nagendra

0 Helpful

Chetan Kumar Ress
Level 4
Level 4

‎06-30-2010 07:55 AM

Hi

Accourding to me it should work.

But the issue that you will face that you will not able to communicate with both network.

ie.

10.24.15.1/24 users have gateway defined as 10.24.15.1

10.24.16.1/24 users have gateway defined as 10.24.16.1

Because the network 10.24.16.0/24 is in VRF it will not see the global router table , So it won,t communicate with other network 10.24.15.0/24.

And if you wnat to communicate then need to add an VRF Global route.

Regards

Chetan Kumar

0 Helpful

csc010854800
Level 1
Level 1
In response to Chetan Kumar Ress

‎06-30-2010 10:33 AM

Thanks for your valueable reply.  Actually , i have around 100 such locations and i want to create AB vrf for all the locations.

Also , please tell me how to create VRF Global table. for this scenario.

0 Helpful

Chetan Kumar Ress
Level 4
Level 4
In response to csc010854800

‎06-30-2010 11:36 AM

Hi

Here is the example :

ip route vrf  (AB-VRF)  0.0.0.0  0.0.0.0 (data center gatway) global

Global term need to add in static route , So it will use you Global routing tble.

For more Please refer the https://supportforums.cisco.com/message/3109678

Here you will get an good idea .

Regards

Chetan Kumar

0 Helpful

Mohamed Sobair
Level 7
Level 7

‎06-30-2010 01:32 PM

Hi,

Yes , your current config should work, You have effectively Isolated the 10.24.16 Network from being leaked to the Global routing table if this what you would like to achieve.

Vrf-lite is the best option to achieve path Isolation.

Let us know if you have any other enquiries,

Mohamed

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents