vrf lite question

Answered Question
Jul 3rd, 2010

Hello...


In our network, we have customers whom share the CE as us.  We would like to implement vrf lite but just use eigrp as the routing protocol.  The CE in this case is a layer 2 switch.  We have tried to run vrf lite with eigrp in the lab but for some reason we cannot see the vrf routing table for the networks we have configured vrf forwarding for.  Is what we are doing possible?



Thanks in advance...




here is our configuration...




l2 switch ----- l3 switch ------- l3 switch ------ l2 switch



ip vrf Test
rd 26:2
route-target import 26:1
route-target export 26:1
route-target import 26:2
route-target export 26:2

!
int loopback1
ip address 10.26.0.1 255.255.255.0
!
router eigrp 1
network 10.100.5.1 0.0.0.255

!
address-family ipv4 vrf Test
network 10.26.0.0 0.0.0.255
network 10.27.0.0 0.0.0.255
no auto-summary
autonomous-system 1
exit-address-family


---



ip vrf Test
rd 26:1
route-target import 26:1
route-target export 26:1
route-target import 26:2
route-target export 26:2
!
int loopback1
ip address 10.27.0.1 255.255.255.0

!
router eigrp 1
network 10.100.5.1 0.0.0.255

!
address-family ipv4 vrf Test
network 10.27.0.0 0.0.0.255
network 10.26.0.0 0.0.0.255

no auto-summary
autonomous-system 1
exit-address-family
Correct Answer by nqtran1979 about 6 years 7 months ago

Mate,


I think this was mentioned before but with VRF-lite, the physical interface that connects the two L3 switches also needs to be part of the VRF otherwise you are going into the realms of MPLS/MP-BGP to advertise send across the different RD's.


hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Edison Ortiz Sat, 07/03/2010 - 08:13

I don't see the loopback on the VRF test.


You have


int loopback1
ip address 10.26.0.1 255.255.255.0

When it should be

int loopback1
ip vrf forwarding Test
ip address 10.26.0.1 255.255.255.0



BTW, you don't need import and export for VRF Life config. Only need for full implementation with BGP.


Regards,


Edison

szajihsaniatan Sat, 07/03/2010 - 08:21

Thanks. I left that out. I was trying to remember the configs from memory.


Other than that, do u see any other issues?

Edison Ortiz Sat, 07/03/2010 - 08:25

Hard to tell without looking at the entire picture. Based on the information provided, you are only including the loopbacks under the VRF Test.

Are you planning to peer with other routers? if so, those interfaces must be under the VRF Test otherwise VRF Test will sit on a island on those switches.


Regards,


Edison

szajihsaniatan Sat, 07/03/2010 - 08:39

Yeah, def peering with other routers. We used loopbacks for test since the interface comes up automatically. With the syntax "autonomous system 1", is that coming from the eigrp from the other PE router?


Well, ill paste the entire configs when I get back to the office on monday.

Edison Ortiz Sat, 07/03/2010 - 08:59

The autonomous system is equivalent to the global routing table EIGRP autonomous system number. If I recall correctly, the VRF autonomous system and global routing EIGRP autonomous system must be different.


They will need to match to whatever routers they are establishing the EIGRP relationship with.


For instance, if you decide to run autonomous system 10 for VRF Test, then all routers running EIGRP must use autonomous system 10.


Regards,


Edison

szajihsaniatan Tue, 07/06/2010 - 05:54

Hello again...



Well, looks like im still doing something wrong...below are my configs...im just using two 3560 switches connected and using loobacks for the VRF...Still unable to see vrf routes between each other....any help would be appriciated..



Thanks again




ip vrf Erin
rd 15:1
!
interface Loopback2
ip vrf forwarding Erin
ip address 10.230.1.1 255.255.255.0
!
router eigrp 1
!
address-family ipv4 vrf Erin
  redistribute connected
  autonomous-system 2
exit-address-family
network 10.0.0.0


!


Switch#sh ip route vrf Erin


Routing Table: Erin
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route


Gateway of last resort is not set


     10.0.0.0/24 is subnetted, 1 subnets
C       10.230.1.0 is directly connected, Loopback2


------------



ip vrf Erin
rd 15:2
!
interface Loopback2
ip vrf forwarding Erin
ip address 10.40.1.1 255.255.255.0
!
!
router eigrp 1
network 10.0.0.0
!
address-family ipv4 vrf Erin
  redistribute connected
  autonomous-system 2
  network 10.0.0.0
exit-address-family

!


Switch#sh ip route vrf Erin


Routing Table: Erin
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route


Gateway of last resort is not set


     10.0.0.0/24 is subnetted, 1 subnets
C       10.40.1.0 is directly connected, Loopback2

Correct Answer
nqtran1979 Wed, 07/07/2010 - 09:33

Mate,


I think this was mentioned before but with VRF-lite, the physical interface that connects the two L3 switches also needs to be part of the VRF otherwise you are going into the realms of MPLS/MP-BGP to advertise send across the different RD's.


hope that helps.

szajihsaniatan Wed, 07/07/2010 - 11:00

Yep, you are correct...i actually just help from TAC on this issue...thanks for the response back...

Actions

This Discussion