Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
282
Views
4
Helpful
1
Replies

IP VRF-Lite

Go to solution
oguarisco
Level 3
Level 3

‎01-13-2006 12:57 AM - edited ‎03-04-2019 03:01 AM

Hi,

we had a network with Cat4500 SupV as Core and Cat3750/Cat3750G (not metro!) as Distribution platform.

I'm finding out if using VRF Lite is possible to separate two entities that use the same physical network and span the whole net to have one, max. two, contact point between these entities...to implement security policy

Should this work with the platform we had or to implement a VRF network we should have had Cat6500 ???

If this not work the only solution available is to use RACL at each Distribution node where there are both entitites to separate the traffic

thanks for any help

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mheusinger
Level 10
Level 10

‎01-13-2006 05:44 AM

Hello,

yes what you want to do is possible.

You will need the "multi-VRF aka VRF lite" where IP routing is performed. So in case the Cat3750 are pure Layer2 switches the VRFs are not needed there.

Think of a VRF as a sort of virtual router to which certain VLAN/ethernet interfaces are attached.

To separate two entities you would create two VRFs in the Catalyst 4500 according to "Configuring VRF-lite"

http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_command_reference_chapter09186a008017d03c.html#wp1062144

and also in the Catalyst 3750 along the description in "Configuring Multi-VRF CE"

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_guide_chapter09186a00804764c7.html#wp1320198

Note that there has being a name change from VRF-lite to Multy-VRF. This is however exactly the same feature - afaik marketing wanted the change because it sounds better.

Did this help? Then please rate the post.

Martin

View solution in original post

1 Reply 1

Go to solution
mheusinger
Level 10
Level 10

‎01-13-2006 05:44 AM

Hello,

yes what you want to do is possible.

You will need the "multi-VRF aka VRF lite" where IP routing is performed. So in case the Cat3750 are pure Layer2 switches the VRFs are not needed there.

Think of a VRF as a sort of virtual router to which certain VLAN/ethernet interfaces are attached.

To separate two entities you would create two VRFs in the Catalyst 4500 according to "Configuring VRF-lite"

http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_command_reference_chapter09186a008017d03c.html#wp1062144

and also in the Catalyst 3750 along the description in "Configuring Multi-VRF CE"

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_guide_chapter09186a00804764c7.html#wp1320198

Note that there has being a name change from VRF-lite to Multy-VRF. This is however exactly the same feature - afaik marketing wanted the change because it sounds better.

Did this help? Then please rate the post.

Martin

Customers Also Viewed These Support Documents