I'm looking for some practical advice from people who have used the VRF-Lite functionality on Cisco 3750Gs (WS-C3750G-24T-S). I've got a situation currently with a set of 3750s running inter-VLAN routing for around 80/90 connected subnets (140+ gig ports).
I'm looking in the coming week at creating a new VRF and enabling OSPF for that VRF while leaving the existing routing arrangements in the Default IP Routing Table.
Has anyone done this before and experienced any issues?
I'm in a situation where I can't replicate the live config into a lab to test the impact / implications of enabling / creating VRFs, so I'm seeking the advice of people who will hopefully have done this before.
I know the 3750s have very limited support for VRFs (24 if I recall) but I only plan on using 2 or 3 max currently.
I have used VRFs on multilayer switches a couple of times and I did not encounter any difficulties. Certainly, using 3 VRFs should not strain the resources of the switch in any way.
You should take care to observe the following:
As each OSPF process will need a unique RID, it is best to set a unique RID for each OSPF process manually using the router-id command.
Use the capability vrf-lite command in each OSPF process running in a VRF. This command deactivates certain checks on LSA that are required by PE routers in MPLS networks but that could cause reachability issues in your network.
Apart from this, I am not aware of any other special precautions. Perhaps somebody else will add his/her own experiences here!
If I'm only using VRF-Lite without any MPLS support (i.e. not in a PE-CE model), so I'm just using it to virtualise the routing table and run overlapping IP subnets, do I need this feature?
Yes, you do. In fact, you need to use the capability vrf-lite precisely because you are not doing PE-CE modes with MPLS. You see, without this command, your Cat3750 would consider itself an ABR between the VRF and the so-called MPLS Superbackbone. That would, among other things, cause it to ignore OSPF inter-area routes coming from directly attached non-backbone areas within the particular VRF.
To put it simply, in your network, it will do no harm, and may be actually necessary (to be absolutely sure, I would need to see the logical topology of your network including the area numbering).
That's fine, I'll enable it as part of the changes I make to ensure I don't encounter any issues. Currently OSPF will only run for Area 0 but that's not to say that we won't commission other areas in the near future.
It makes sense the more I read about it and I'm glad you brought it up, something else valuable I've learned.
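The two precautions given in the replies above (an explicit, unique router-id per OSPF process, and capability vrf-lite on every process that runs in a VRF) can be checked against a saved running-config before and after the change. The script below is an added example, not code from any poster in this thread; the VRF names, process numbers and addresses in the sample config are constructed.

```python
import re

# Constructed sample input (not the poster's config): a global-table OSPF
# process plus one process per VRF, written as "show running-config" prints them.
SAMPLE_CONFIG = """\
router ospf 1
 router-id 10.255.0.3
!
router ospf 10 vrf RED
 router-id 10.255.0.1
 capability vrf-lite
!
router ospf 20 vrf BLUE
 router-id 10.255.0.1
 network 10.1.0.0 0.0.255.255 area 0
"""

OSPF_HEADER = re.compile(r"^router ospf (\d+)(?: vrf (\S+))?\s*$")

def parse_ospf(config):
    """Map process id -> {'vrf': name or None, 'rid': str or None, 'lite': bool}."""
    procs, cur = {}, None
    for line in config.splitlines():
        if not line.startswith(" "):      # any top-level line closes the block
            m = OSPF_HEADER.match(line)
            cur = procs.setdefault(m.group(1), {"vrf": m.group(2), "rid": None,
                                                "lite": False}) if m else None
        elif cur is not None:
            words = line.split()
            if len(words) == 2 and words[0] == "router-id":
                cur["rid"] = words[1]
            elif words == ["capability", "vrf-lite"]:
                cur["lite"] = True
    return procs

def audit(config):
    """Report the two precautions from the reply: explicit unique RID, vrf-lite."""
    findings, seen = [], {}
    for pid, p in sorted(parse_ospf(config).items(), key=lambda kv: int(kv[0])):
        if p["rid"] is None:
            findings.append(f"ospf {pid}: no explicit router-id")
        elif p["rid"] in seen:
            findings.append(f"ospf {pid}: router-id {p['rid']} also used by ospf {seen[p['rid']]}")
        else:
            seen[p["rid"]] = pid
        if p["vrf"] and not p["lite"]:
            findings.append(f"ospf {pid} vrf {p['vrf']}: capability vrf-lite missing")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)) or "no findings")
```

The existing process in the default routing table is only checked for its router-id, since capability vrf-lite applies to processes configured with a VRF.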