cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1559
Views
0
Helpful
5
Replies

VPN/VRF Lite Routing

Loopback99
Level 1
Level 1

Hi All,

I am after some advice as to the best way to confugre VRF Lite with Global RT access. I will be installing a Cisco router soon to terminate new VRF customers via PPP, Ethernet etc.

I have a customer who has a dozen or so sites, each with their own /24 internal network. I have the config working fine for routing within the VRF but I want to offer this customer Internet access via Global Routing Table. I understand I can leak the routes via static or BGP, however, what if I get another customer come along who will be using the same subnet within their VRF. For example CustA-192.168.10.0/24 is used at one of the sites, what if CustB wants to use 192.168.10.0/24 for one of their sites?

Little confused at the moment! Thanks.

5 Replies 5

Joseph W. Doherty
Hall of Fame
Hall of Fame

Disclaimer

The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of  this  posting's information is solely at reader's own risk.

Liability Disclaimer

In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising  out  of the use or inability to use the posting's information even if  Author  has been advised of the possibility of such damage.

Posting

NAT.

Thanks Joseph. Doesnt sound to scalable though right?

as stated above nating

using VRF aware NAT

have a look at the bellow article i posted on CSC before which might help you to  understand some concepts

https://supportforums.cisco.com/docs/DOC-8403

Good luck

if hlepful Rate

Thanks marwanshawi.

Am I right in thinking this is a limitation because I am using VRF Lite, and not MPLS L3. If I was running MPLS then I could tag routes and not have to use NAT?

Cheers.

No, MPLS is only a forwarding/switching+labeling mechanism it got nothing to do with NAting and route leaking

the L3VPN (MPBGP) header is used to tag the VRF related routes

in your case you are not using MPGP ( one node ) VRF-Lite is enough

so what you can do is create a BGP in that router and and leake the default route to the VPN VRF tunnels and in the router define a default route to for that VRF to go over the global routing table

this is fo reach VRF

and for each VRF define a NATing with overload to make sure overlapped addresses  can go out to the Internet

good luck

if helpful Rate

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: