
Cisco 4500-X VRF, what it does versus what I think it should be doing?

firestorm-v1
Level 1

Thanks to several people here, I've finally worked up the confidence to try getting the routing working on the 4500-X after getting the routing working successfully on the ASR.  Unfortunately, I'm encountering issues and I'm not sure if it's due to the fact that I'm still learning how a VRF works on a L3 switch or if I'm doing what can't be done and the issues I'm facing are due to incorrect expectations.

As it stands currently, I've got a GPON ONT-on-a-stick inserted into Te1/14.  The GPON stick has two interfaces, an untagged management interface (which is untagged, the switchport has this as VLAN 50 native), and a tagged interface that comes from the ISP (VLAN 242).  In addition to that, I have VLAN 900 which is a publicly routed subnet assigned to me via the ISP with the default gateway for that subnet assigned to the VLAN900 interface.  There are two ports that attach to the firewalls (Te1/15 and Te1/16 respectively) that are also on VLAN 900 as their "WAN" interfaces.

As was working on the ASR, I've created a VRF called PUBLIC_ROUTING that has VLAN242 and VLAN900 interfaces with address-family IPv4 (I'm not ready for IPv6 yet).  The idea is that VLAN242 is a DHCP interface that pulls an IP address from the ISP and the VRF's route table is populated with the routes from the DHCP pull.  This is how it worked on the ASR and what I hope to emulate on the 4500-X.

I've attempted to recreate the same thing on the 4500-X, however I am unable to get a DHCP address from VLAN242 (the ISP's DHCP Server).

Here are the current configs:

 

 

cisco-core#sh run int Te1/14
Building configuration...

Current configuration : 245 bytes
!
interface TenGigabitEthernet1/14
 description GPON_ONT_STICK
 switchport trunk allowed vlan 50,242
 switchport trunk native vlan 50
 switchport mode trunk
 no cdp enable
 spanning-tree portfast edge trunk
 spanning-tree bpdufilter enable
end

cisco-core#sh run int VLAN242
Building configuration...

Current configuration : 123 bytes
!
interface Vlan242
 mac-address XXAA.BBCC.DDEE   (required by ISP)
 vrf forwarding PUBLIC_ROUTING
 ip address dhcp client-id Vlan242
end

cisco-core#sh vrf
  Name                             Default RD            Protocols   Interfaces
  PUBLIC_ROUTING               <not set>             ipv4        Vl242
                                                                 Vl900

 

 

To make matters weirder (which seems to be a trend down this adventure), I set up a SPAN session to mirror Te1/14 to Te1/12 and am running a packet capture on the SPAN.  I see the DHCP Discover packets leave the port (I don't see the VLAN, but that may be because my BPF-fu is bad) but I don't see a response from the upstream DHCP server.

 

Am I correct that the 4500 should be able to pull DHCP as I'm expecting and that the VRF in the 4500 should work like the VRF in an ASR?

Thank you!
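
For the SPAN capture step in the post above, one way to check whether the captured DHCP Discover frames actually carry the 802.1Q tag for VLAN 242, without depending on a capture filter. This is an added example, not part of the original thread; the function names and the sample frames are constructed for illustration, and it assumes raw Ethernet frame bytes exported from the capture.

```python
import struct

DHCP_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}
COOKIE = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header

def classify_dhcp_frame(frame):
    """Return (vlan_id or None, DHCP message type), or None if the frame is not DHCP."""
    try:
        vlan, off = None, 12
        (etype,) = struct.unpack_from("!H", frame, off)
        while etype in (0x8100, 0x88A8):      # 802.1Q / 802.1ad tag(s)
            (tci,) = struct.unpack_from("!H", frame, off + 2)
            vlan = tci & 0x0FFF               # low 12 bits = VLAN ID (innermost tag wins)
            off += 4
            (etype,) = struct.unpack_from("!H", frame, off)
        ip = off + 2
        if etype != 0x0800 or frame[ip + 9] != 17:   # IPv4 carrying UDP only
            return None
        udp = ip + (frame[ip] & 0x0F) * 4
        if set(struct.unpack_from("!HH", frame, udp)) != {67, 68}:
            return None
        i = udp + 8 + 236                     # skip UDP header and BOOTP fixed fields
        if frame[i:i + 4] != COOKIE:
            return None
        i += 4
        while frame[i] != 255:                # walk options until End
            if frame[i] == 0:                 # Pad has no length byte
                i += 1
            elif frame[i] == 53:              # DHCP Message Type
                return vlan, DHCP_TYPES.get(frame[i + 2], "UNKNOWN")
            else:
                i += 2 + frame[i + 1]
        return None
    except (IndexError, struct.error):        # truncated frame
        return None

def build_discover(vlan=None, mac=bytes.fromhex("02aabbccddee")):
    """Constructed sample frame: minimal DHCP Discover, optionally 802.1Q-tagged."""
    bootp = struct.pack("!BBBBIHH", 1, 1, 6, 0, 0x1234, 0, 0x8000) + bytes(16)
    bootp += mac + bytes(10) + bytes(192) + COOKIE + b"\x35\x01\x01\xff"
    udp = struct.pack("!HHHH", 68, 67, 8 + len(bootp), 0) + bootp
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes(4), b"\xff" * 4) + udp
    tag = struct.pack("!HH", 0x8100, vlan) if vlan is not None else b""
    return b"\xff" * 6 + mac + tag + struct.pack("!H", 0x0800) + ip

if __name__ == "__main__":
    print(classify_dhcp_frame(build_discover(242)))   # tagged for the ISP VLAN
    print(classify_dhcp_frame(build_discover()))      # untagged (would land in the trunk's native VLAN)
```

When the tag is present in the capture, a pcap filter needs the `vlan` keyword ahead of `udp port 67` to match the frame, because a plain `udp port 67` expression is compiled for untagged offsets.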

4 Replies

Hello


@firestorm-v1 wrote:
I have VLAN 900 which is a publicly routed subnet assigned to me via the ISP with the default gateway for that subnet assigned to the VLAN900 interface
The idea is that VLAN242 is a DHCP interface that pulls an IP address from the ISP and the


Your ISP dhcp client needs to be in vlan 900 not vlan 242
note: any vrf you create on the rtr is irrelevant externally to any other device


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hello Paul:

That's not how the ASR's configured and the ASR was working until I moved the transceiver to the 4500-X.  VLAN242 is the upstream DHCP network.  On the ASR, Gi0/0/0.242 is the DHCP interface.  On the 4500-X, the DHCP interface is Vlan242.

Hello
Maybe I am misunderstanding how you have things connected - can you share a topology diagram please?



Kind Regards
Paul

firestorm-v1
Level 1

Hello Paul:

Here's a simple diagram of how it is connected with the ASR:
ATTNETWORKDIAGRAM-FULL.png

The VLAN 242 is required by the ISP, the VLAN 900 is something I set for the public subnet (I don't use any VLANs higher than 200 so keeping it out of the "typical" VLAN range for me is just housekeeping).

I tried to eliminate the ASR entirely and just put the ONT stick into the 4500-X, but the 4500-X failed to get an IP address on VLAN242. 
