Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1262
Views
4
Helpful
3
Replies

3560X VRF-lite and OSPF Config Question

Go to solution
ROBERT T
Level 4
Level 4

‎09-17-2013 06:46 AM - edited ‎03-04-2019 09:03 PM

I have 2 - 3560X's running c3560e-universalk9-mz.152-1.E.bin. I want to have three different routing tables, STORE, ENDUSER, SERVER.

My question is how to setup OSPF, do I create 1 OSPF instance with all of my subnets, or do I create an instance for each VRF?

Here is some of my config

ip routing

!

ip vrf ENDUSER

description End User Segment

!

ip vrf SERVER

description Server Segment

!

ip vrf STORE

description Store Connectivity

Under each SVI, I have the VRF forwarding statement

interface Vlan12

description OFFICE-ENDUSER

ip vrf forwarding ENDUSER

ip address 192.168.1.2 255.255.255.0

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rolf Fischer
Level 9
Level 9

‎09-17-2013 06:59 AM

Hi Robert,

the segregation of the routing-tables with VRFs also includes the routing protocols, so you'll have to setup an OSPF process for each VRF:

(config)# router ospf  [vrf ]

Also keep in mind that you'll need another router (or firewall etc.) to manage the routing between networks of different VRFs, if this is desired.

Hope that helps

Rolf

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Rolf Fischer
Level 9
Level 9

‎09-17-2013 06:59 AM

Hi Robert,

the segregation of the routing-tables with VRFs also includes the routing protocols, so you'll have to setup an OSPF process for each VRF:

(config)# router ospf  [vrf ]

Also keep in mind that you'll need another router (or firewall etc.) to manage the routing between networks of different VRFs, if this is desired.

Hope that helps

Rolf

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎09-17-2013 07:20 AM

Disclaimer

The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of  this  posting's information is solely at reader's own risk.

Liability Disclaimer

In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising  out  of the use or inability to use the posting's information even if  Author  has been advised of the possibility of such damage.

Posting

As Rolf noted, you would normally have an OSPF instance per VRF.  Effectively, you then have 3 L3 topologies (much like VLANs do for L2).

You do have the option to leak routes between VRFs.

You also could have 3 OPSF processes, and no VRFs.

"Best" approach depends on what your needs really are.  VRFs are great if you need to support overlapping IP address spaces and/or you have some very stringent security requirements.

Go to solution
ROBERT T
Level 4
Level 4
In response to Joseph W. Doherty

‎09-17-2013 07:38 AM

I have a firewall to route between VRF's.

I don't have any overlapping IP's

Thanks guys, I setup individual OSPF instances on the switches. This seems to be working.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card