06-30-2010 07:16 AM
i have a router 2821 directly connected to a layer 2 switch 2950 . i have 10.24.15.1/24 as gateway for my machines and is configured on router interface fa 0/0 .
Now i have to create VRF in the router and i don't have spare interface on the router.
i am planning to configure sub - interface on fa 0/0 like fa 0/0.1 for 10.24.15.1 /24 and fa 0/0.2 for 10.24.16.1/2
ip vrf AB
rd 470X:57
route-target export 470X:57
route-target import 470X:57
int fa 0/0.1
encapsulation dot1Q
ip address 10.24.15.1 255.255.255.0
int fa 0/0.2
encapsulation dot1Q
ip vrf forwarding AB
ip address 10.24.16.1 255.255.255.0
router is directly connected to layer 2 switch .
10.24.15.1/24 users have gateway defined as 10.24.15.1
10.24.16.1/24 users have gateway defined as 10.24.16.1
i want only 10.24.16.1/24 subnet users should go through this vrf .
will this config and scenario work ??
if not , plz provide the sample config.
06-30-2010 07:53 AM
Hi,
Can you explain what you are trying to acheive?.
From your description, On 2821, you will have 2 routing table (one VRF table and other one global table) with 1 connected prefix in each of the routing table.
Do you have any other WAN interface that will be part of VRF?. Are you trying to communicate between VRF and global interface on 2821 (between 10.24.15.0/24 users and 10.24.16.0/24 users)?
If you can explain more about your requirement, we can come up with solution for teh same.
Regards,
Nagendra
06-30-2010 07:55 AM
Hi
Accourding to me it should work.
But the issue that you will face that you will not able to communicate with both network.
ie.
10.24.15.1/24 users have gateway defined as 10.24.15.1
10.24.16.1/24 users have gateway defined as 10.24.16.1
Because the network 10.24.16.0/24 is in VRF it will not see the global router table , So it won,t communicate with other network 10.24.15.0/24.
And if you wnat to communicate then need to add an VRF Global route.
Regards
Chetan Kumar
06-30-2010 10:33 AM
Thanks for your valueable reply. Actually , i have around 100 such locations and i want to create AB vrf for all the locations.
Also , please tell me how to create VRF Global table. for this scenario.
06-30-2010 11:36 AM
Hi
Here is the example :
ip route vrf (AB-VRF) 0.0.0.0 0.0.0.0 (data center gatway) global
Global term need to add in static route , So it will use you Global routing tble.
For more Please refer the https://supportforums.cisco.com/message/3109678
Here you will get an good idea .
Regards
Chetan Kumar
06-30-2010 01:32 PM
Hi,
Yes , your current config should work, You have effectively Isolated the 10.24.16 Network from being leaked to the Global routing table if this what you would like to achieve.
Vrf-lite is the best option to achieve path Isolation.
Let us know if you have any other enquiries,
Mohamed
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide