09-17-2013 06:46 AM - edited 03-04-2019 09:03 PM
I have 2 - 3560X's running c3560e-universalk9-mz.152-1.E.bin. I want to have three different routing tables, STORE, ENDUSER, SERVER.
My question is how to setup OSPF, do I create 1 OSPF instance with all of my subnets, or do I create an instance for each VRF?
Here is some of my config
ip routing
!
ip vrf ENDUSER
description End User Segment
!
ip vrf SERVER
description Server Segment
!
ip vrf STORE
description Store Connectivity
Under each SVI, I have the VRF forwarding statement
interface Vlan12
description OFFICE-ENDUSER
ip vrf forwarding ENDUSER
ip address 192.168.1.2 255.255.255.0
Solved! Go to Solution.
09-17-2013 06:59 AM
Hi Robert,
the segregation of the routing-tables with VRFs also includes the routing protocols, so you'll have to setup an OSPF process for each VRF:
(config)# router ospf[vrf ]
Also keep in mind that you'll need another router (or firewall etc.) to manage the routing between networks of different VRFs, if this is desired.
Hope that helps
Rolf
09-17-2013 06:59 AM
Hi Robert,
the segregation of the routing-tables with VRFs also includes the routing protocols, so you'll have to setup an OSPF process for each VRF:
(config)# router ospf[vrf ]
Also keep in mind that you'll need another router (or firewall etc.) to manage the routing between networks of different VRFs, if this is desired.
Hope that helps
Rolf
09-17-2013 07:20 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
As Rolf noted, you would normally have an OSPF instance per VRF. Effectively, you then have 3 L3 topologies (much like VLANs do for L2).
You do have the option to leak routes between VRFs.
You also could have 3 OPSF processes, and no VRFs.
"Best" approach depends on what your needs really are. VRFs are great if you need to support overlapping IP address spaces and/or you have some very stringent security requirements.
09-17-2013 07:38 AM
I have a firewall to route between VRF's.
I don't have any overlapping IP's
Thanks guys, I setup individual OSPF instances on the switches. This seems to be working.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide