07-11-2011 12:36 AM - edited 03-04-2019 12:56 PM
Hi All,
I am after some advice as to the best way to confugre VRF Lite with Global RT access. I will be installing a Cisco router soon to terminate new VRF customers via PPP, Ethernet etc.
I have a customer who has a dozen or so sites, each with their own /24 internal network. I have the config working fine for routing within the VRF but I want to offer this customer Internet access via Global Routing Table. I understand I can leak the routes via static or BGP, however, what if I get another customer come along who will be using the same subnet within their VRF. For example CustA-192.168.10.0/24 is used at one of the sites, what if CustB wants to use 192.168.10.0/24 for one of their sites?
Little confused at the moment! Thanks.
07-11-2011 02:22 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
NAT.
07-11-2011 11:34 PM
Thanks Joseph. Doesnt sound to scalable though right?
07-12-2011 12:11 AM
as stated above nating
using VRF aware NAT
have a look at the bellow article i posted on CSC before which might help you to understand some concepts
https://supportforums.cisco.com/docs/DOC-8403
Good luck
if hlepful Rate
07-12-2011 04:09 PM
Thanks marwanshawi.
Am I right in thinking this is a limitation because I am using VRF Lite, and not MPLS L3. If I was running MPLS then I could tag routes and not have to use NAT?
Cheers.
07-12-2011 09:31 PM
No, MPLS is only a forwarding/switching+labeling mechanism it got nothing to do with NAting and route leaking
the L3VPN (MPBGP) header is used to tag the VRF related routes
in your case you are not using MPGP ( one node ) VRF-Lite is enough
so what you can do is create a BGP in that router and and leake the default route to the VPN VRF tunnels and in the router define a default route to for that VRF to go over the global routing table
this is fo reach VRF
and for each VRF define a NATing with overload to make sure overlapped addresses can go out to the Internet
good luck
if helpful Rate
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: