cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1799
Views
0
Helpful
4
Replies

catalyst 6500 series vrf bgp and ospf

altmircea
Level 1
Level 1

Hello

I try to implement a configuration like in the attachment. Is this posible ?

Please give me some points or examples for a configuration like this.

Thank you very much

4 Replies 4

Lei Tian
Cisco Employee
Cisco Employee

Hi,

You want put all internal VLANs in global routing table, and routes from ISP in a VRF? It is possible. You need physical cables to connect interface in VRF to interface in global table. Dont't have a configure example, but it should look like the following.

ip vrf UNTRUST

rd 1:1

interface x/x

description ISP1

ip vrf forward UNTRUST

ip add x.x.x.x

interface y/y

description ISP2

ip vrf forward UNTRUST

ip add x.x.x.x

interface x/x

description to inside 1

ip vrf forward UNTRUST

ip add x.x.x.x

interface x/x

description to inside 2

ip vrf forward UNTRUST

ip add x.x.x.x

router bgp x

address-family ipv4 vrf UNTRUST

nei x.x.x.x remote-as #

nei x.x.x.x remote-as #

network x.x.x.x

router ospf 1 vrf UNTRUST

net x.x.x.x area 0

redistribute bgp x route-map BGP-TO-OSPF

default-information orginate

----------------------------

in global table

int x/x

description to VRF UNTRUST

ip add x.x.x.x

int x/y

description to VRF UNTRUST

ip add x.x.x.x

router ospf 1

passive-interface default

no pass x/x

no pass x/y

network x.x.x.x area 0

You also need to make sure your sup32 has enough TCAM for the routes.

HTH,

Lei Tian

Thank you for your response.

Yes I want to put all internal VLANs in global routing table, and routes from isp in VRF.

Which is the best way to enforce all traffic flow through the bridge when this one is present

and only use the direct link when the bridge is down or removed ?

Assume the bridge is layer 2, you will have 2 OSPF neighbors between global and VRF. To prefer the routes from OSPF via bridge, you can just Increase the OSPF cost for the interface of direct link.

HTH,

Lei Tian

Hello

I have a test setup  with 2 external connections between ports Gi5/1 to Gi5/8 and Gi5/2 to Gi5/9

but the interfaces have no communication. Physical interfaces are up and ok but Icant ping any address

from global to vrf space.

I cant find anything in documentation about this problem only some examples with GRE tunnels

but I need physical connection for external traffic shaper.

--------- In vrf ---------

interface Gi5/1

description to inside 1

ip vrf forward UNTRUST

ip add 192.168.0.1 255.255.255.252

interface Gi5/2

description to inside 2

ip vrf forward UNTRUST

ip add 192.168.0.5 255.255.255.252

-------- In global space --------

interface Gi5/8

description to vrf

ip add 192.168.0.2 255.255.255.252

interface Gi5/9

description to vrf

ip add 192.168.0.6 255.255.255.252

----------------------------------------------

thank you

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: