10-24-2013 10:40 AM
Hi,
If I am using a vlan on an interface that has a vlan (for ex)
int fa0/1.10
encapsulation dot1Q 16
ip vrf forwarding X
Can anything outside of that vrf see vlan 16 or see the tag?
Thank you.
Lynne
10-24-2013 01:03 PM
What is that interface connected to? If it's connected to a switch then the switch would see the tag.
Daniel Dib
CCIE #37149
11-17-2013 10:38 PM
Hi Lynne,
as Daniel was saying, you need to consider the nature of a dot1q encapsulation. Being layer two , any device matching this very layer will be able to talk to your interface. consider then, that a VRF could also be used with no RT at all for simple routing table partitioning. this means that even the layer three would be visible to any other Layer 2/3 device connected to that interface :
R16:
conf t
vrf def X
rd 1:1
address-family ipv4
end
!
conf t
int fa0/1.10
encapsulation dot1Q 16
ip vrf forwarding X
end
ip add 10.1.16.16 255.255.255.0
!
router ospf 1 vrf X
net 10.1.16.0 0.0.0.255 area 0
R1:
conf t
int fa0/0.16
encapsulation dot1q 16
ip add 10.1.16.1 255.255.255.0
ip router ospf 1 area 0
SW:
conf t
int fa0/1
port-type nni
sw mo trunk
sw tr all vlan 16
no shut
!
!
int fa0/16
port-type nni
sw mo trunk
sw tr all vlan 16
no shut
end
wr
!
As you can see, no VPN involved here and because the VRF is only locally significant (locally to the router) there would not be any issue for some default VRF routers (normal routing table) to see the IP address and te routing information in R16 in VRF X
Hope this helps
Alessio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide