vrf lite question

Answered Question
Jul 3rd, 2010
User Badges:

Hello...


In our network, we have customers whom share the CE as us.  We would like to implement vrf lite but just use eigrp as the routing protocol.  The CE in this case is a layer 2 switch.  We have tried to run vrf lite with eigrp in the lab but for some reason we cannot see the vrf routing table for the networks we have configured vrf forwarding for.  Is what we are doing possible?



Thanks in advance...




here is our configuration...




l2 switch ----- l3 switch ------- l3 switch ------ l2 switch



ip vrf Test
rd 26:2
route-target import 26:1
route-target export 26:1
route-target import 26:2
route-target export 26:2

!
int loopback1
ip address 10.26.0.1 255.255.255.0
!
router eigrp 1
network 10.100.5.1 0.0.0.255

!
address-family ipv4 vrf Test
network 10.26.0.0 0.0.0.255
network 10.27.0.0 0.0.0.255
no auto-summary
autonomous-system 1
exit-address-family


---



ip vrf Test
rd 26:1
route-target import 26:1
route-target export 26:1
route-target import 26:2
route-target export 26:2
!
int loopback1
ip address 10.27.0.1 255.255.255.0

!
router eigrp 1
network 10.100.5.1 0.0.0.255

!
address-family ipv4 vrf Test
network 10.27.0.0 0.0.0.255
network 10.26.0.0 0.0.0.255

no auto-summary
autonomous-system 1
exit-address-family
Correct Answer by nqtran1979 about 6 years 11 months ago

Mate,


I think this was mentioned before but with VRF-lite, the physical interface that connects the two L3 switches also needs to be part of the VRF otherwise you are going into the realms of MPLS/MP-BGP to advertise send across the different RD's.


hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Edison Ortiz Sat, 07/03/2010 - 08:13
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

I don't see the loopback on the VRF test.


You have


int loopback1
ip address 10.26.0.1 255.255.255.0

When it should be

int loopback1
ip vrf forwarding Test
ip address 10.26.0.1 255.255.255.0



BTW, you don't need import and export for VRF Life config. Only need for full implementation with BGP.


Regards,


Edison

szajihsaniatan Sat, 07/03/2010 - 08:21
User Badges:

Thanks. I left that out. I was trying to remember the configs from memory.


Other than that, do u see any other issues?

Edison Ortiz Sat, 07/03/2010 - 08:25
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Hard to tell without looking at the entire picture. Based on the information provided, you are only including the loopbacks under the VRF Test.

Are you planning to peer with other routers? if so, those interfaces must be under the VRF Test otherwise VRF Test will sit on a island on those switches.


Regards,


Edison

szajihsaniatan Sat, 07/03/2010 - 08:39
User Badges:

Yeah, def peering with other routers. We used loopbacks for test since the interface comes up automatically. With the syntax "autonomous system 1", is that coming from the eigrp from the other PE router?


Well, ill paste the entire configs when I get back to the office on monday.

Edison Ortiz Sat, 07/03/2010 - 08:59
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

The autonomous system is equivalent to the global routing table EIGRP autonomous system number. If I recall correctly, the VRF autonomous system and global routing EIGRP autonomous system must be different.


They will need to match to whatever routers they are establishing the EIGRP relationship with.


For instance, if you decide to run autonomous system 10 for VRF Test, then all routers running EIGRP must use autonomous system 10.


Regards,


Edison

szajihsaniatan Sat, 07/03/2010 - 09:09
User Badges:

Ok. Thanks again. Will try that on monday. Ill let u know how it goes

szajihsaniatan Tue, 07/06/2010 - 05:54
User Badges:

Hello again...



Well, looks like im still doing something wrong...below are my configs...im just using two 3560 switches connected and using loobacks for the VRF...Still unable to see vrf routes between each other....any help would be appriciated..



Thanks again




ip vrf Erin
rd 15:1
!
interface Loopback2
ip vrf forwarding Erin
ip address 10.230.1.1 255.255.255.0
!
router eigrp 1
!
address-family ipv4 vrf Erin
  redistribute connected
  autonomous-system 2
exit-address-family
network 10.0.0.0


!


Switch#sh ip route vrf Erin


Routing Table: Erin
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route


Gateway of last resort is not set


     10.0.0.0/24 is subnetted, 1 subnets
C       10.230.1.0 is directly connected, Loopback2


------------



ip vrf Erin
rd 15:2
!
interface Loopback2
ip vrf forwarding Erin
ip address 10.40.1.1 255.255.255.0
!
!
router eigrp 1
network 10.0.0.0
!
address-family ipv4 vrf Erin
  redistribute connected
  autonomous-system 2
  network 10.0.0.0
exit-address-family

!


Switch#sh ip route vrf Erin


Routing Table: Erin
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route


Gateway of last resort is not set


     10.0.0.0/24 is subnetted, 1 subnets
C       10.40.1.0 is directly connected, Loopback2

Correct Answer
nqtran1979 Wed, 07/07/2010 - 09:33
User Badges:

Mate,


I think this was mentioned before but with VRF-lite, the physical interface that connects the two L3 switches also needs to be part of the VRF otherwise you are going into the realms of MPLS/MP-BGP to advertise send across the different RD's.


hope that helps.

szajihsaniatan Wed, 07/07/2010 - 11:00
User Badges:

Yep, you are correct...i actually just help from TAC on this issue...thanks for the response back...

Actions

This Discussion