The NX-OS supports Virtual Routing and Forwarding (VRF) instances that define unique L3 routing domains. Each VRF contains its own Address Space, Unicast, and Multicast routing tables that make decisions independent from each other. The NX-OS does not allow internal route-leaking between VRF instances today. All unicast and multicast routing protocols support VRFs. When you configure a routing protocol in a VRF, you set routing parameters for the VRF that are independent of routing parameters in another VRF for the same routing protocol instance. By default, Cisco NX-OS uses the VRF of the incoming interface to select which routing table to use for a route lookup. VRFs require no license. Any feature not included in a license package is bundled with the Cisco NX-OS system images and is provided at no extra charge to you.
Cisco NX-OS can virtualize each VDC to support virtual routing and forwarding instances (VRFs). You can configure multiple VRFs in a VDC. Each VRF contains a separate address space with unicast and multicast route tables for IPv4 and IPv6 and makes routing decisions independent of any other VRF. A VRF name is local to a VDC, so you can configure two VRFs with the same name if the VRFs exist in different VDCs.
Management VRF and Default VRF
Each router has a management VRF and a default VRF:
The management VRF is for management purposes only.
Only the mgmt 0 interface can be in the management VRF.
The mgmt 0 interface cannot be assigned to another VRF.
The mgmt 0 interface is shared among multiple VDCs.
No routing protocols can run in the management VRF (static only).
All Layer 3 interfaces exist in the default VRF until they are assigned to another VRF.
Routing protocols run in the default VRF context unless another VRF context is specified.
The default VRF uses the default routing context for all show commands.
The default VRF is similar to the global routing table concept in Cisco IOS.
Limitations for VRF
VRFs have the following configuration guidelines and limitations:
• When you make an interface a member of an existing VRF, Cisco NX-OS removes all Layer 3 configurations. You should configure all Layer 3 parameters after adding an interface to a VRF. • You should add the mgmt0 interface to the management VRF and configure the mgmt0 IP address and other parameters after you add it to the management VRF. • If you configure an interface for a VRF before the VRF exists, the interface is operationally down until you create the VRF. • Cisco NX-OS creates the default and management VRFs by default. You should make the mgmt0 interface a member of the management VRF. • The write erase boot command does not remove the management VRF configurations. You must use the write erase command and then the write erase boot command.
Create the VRF Context:
n7000(config)# vrf context Test-VRF
n7000(config-vrf)# ip ?
Assign Interfaces to the VRF:
n7000(config-router-vrf)# interface ethernet 1/13
n7000(config-if)# vrf member Test-VRF
n7000(config-if)# ip address 10.142.1.1 255.255.255.0
n7000(config-if)# interface loopback 10
n7000(config-if)# vrf member Test-VRF
n7000(config-if)# ip address 10.142.10.1 255.255.255.0
Create the VRF Routing Process:
n7000(config-vrf)# feature ospf
n7000(config)# router ospf 10
n7000(config-router)# vrf Test-VRF
n7000(config-router-vrf)# router-id 10.142.10.1
Verify VRF Context:
n7000# show vrf
VRF-Name VRF-ID State Reason
Test-VRF 3 Up --
default 1 Up --
management 2 Up --
Verify VRF Interfaces:
n7000# show vrf interface
Interface VRF-Name VRF-ID
mgmt0 management 2
loopback10 Test-VRF 3
Ethernet1/1 default 1
Ethernet1/2 default 1
Ethernet1/10 default 1
Ethernet1/11 default 1
Ethernet1/12 default 1
Ethernet1/13 Test-VRF 3
Verify VRF Routes:
n7000# show ip route vrf Test-VRF
IP Route Table for VRF "Test-VRF"
'*' denotes best ucast next-hop '**' denotes best mcast next-hop
Hi We have a Nexus5648 running on 7.3(3)N1(1) and a few Nexus2348 switches have FEX uplinks to the N5K in production. I am planning to add one more new Nexus 2348 to the Nexus 5648 via FEX. Just waned to confirm if production outage is exp...
Hi, Can someone clear me the below questions regarding Standard contracts and Taboo contracts : 1) As i get tell now that when i create a standard contract filters, i can choose actions at subject for filters (deny or permit)Based on this ...
Hello,I am facing a weird situation with a thin client (HP) T630 that does not connect to a FEX N2K-2348UPQ, these clients have fiber(1gig) NIC cards. HP has a similar model T620 which connects without any issues. These connections work fine in our ...
I am trying to understand how exact ACI DHCP relay works. After reading the ACI DHCP relay technote, I still have questions.
So I did the following tests, with dhcp_server in epg-A (tn-A, app-A, ctx-A, BD-A, subnet-[A]), and dhcp_client ...