Solved: Re: VRF lite

Jonathancert_2 · ‎10-19-2010

Does VRF configuration always rely on some type of tunneling protocol? Can it be set up between two devices without tunneling?

Edison Ortiz · ‎10-19-2010

VRF is not a tunnel technology. It's just a segmentation of your routing table. Yes, you can set up VRF at one end without setting up VRF on the connected device or have both devices under a VRF.

Regards,

Edison

View solution in original post

Mahesh Gohil · ‎10-19-2010

Yes you are right...because 172.16.50.0 is in global table while other two pool are in vrf table

regards

mahesh

View solution in original post

Mahesh Gohil · ‎10-19-2010

Hello,

There is no such prerequisite.

infact VRF-LITE is a feature that enables a Customer to totally segregate two or more networks

and VRF-lite uses input interfaces to distinguish routes for different VPNs and forms virtual packet-forwarding tables

by associating one or more Layer 3 interfaces with each VRF.

Interfaces in a VRF can be either physical, such as Ethernet ports, or logical, such as VLAN
SVIs, but a Layer 3 interface cannot belong to more than one VRF at any time.

I hope this is useful

Regards

Mahesh

Edison Ortiz · ‎10-19-2010

VRF is not a tunnel technology. It's just a segmentation of your routing table. Yes, you can set up VRF at one end without setting up VRF on the connected device or have both devices under a VRF.

Regards,

Edison

Jonathancert_2 · ‎10-19-2010

So i could just set up VRF on my LAN and keep everything local, very similar to VLANs. Instead of virtual networks, i would truly only have virtual routing tables.

Jonathancert_2 · ‎10-19-2010

One more question. If i do decide to set up a VRF across a WAN using OSPF, would the process ID's have to be the same on the directly connected routers?

Edison Ortiz · ‎10-19-2010

Process IDs under OSPF are local significant whether you are using VRF or not. You don't have to match PIDs between OSPF adjacent routers.

Edison Ortiz · ‎10-19-2010

Yes, VRF is similar to the creation of Vlans in order to segment your L2 domain. VRF segment L3 domains and routes can't be exchanged without configuring route leaking between VRFs.

Jonathancert_2 · ‎10-19-2010

Am I correct in the fact that if VRF is functioning correctly I should not be able to "ping" a VRF interface from a network not specified identified within my VRF routing table. For instance.

Router A

Router OSPF 20 VRF test

network 10.120.10.0 0.0.0.255 area 100

network 10.130.10.0 0.0.0.255 area 100

Router B

Router OSPF 40

network 172.16.50.0 0.0.0.255 area 200

If I am on a workstation within the 172.16.50.0 network, I should not be able to ping a workstation withing the 10.120.10.0 network.

Mahesh Gohil · ‎10-19-2010

Yes you are right...because 172.16.50.0 is in global table while other two pool are in vrf table

regards

mahesh

Mahesh Gohil · ‎10-19-2010

Yes you are right...because 172.16.50.0 is in global table while other two pool are in vrf table

regards

mahesh