Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1650
Views
0
Helpful
4
Replies

connect multiple vrfs configured on two routers over a common link without mpls

csoto0001
Level 1
Level 1

‎05-25-2015 04:39 PM - edited ‎03-05-2019 01:32 AM

Background:

I have two routers (asr1002-r7200) communicating over three L2 links, I've set up a vrf/mpls scenario but I,m having trouble with internet access on the remote node I've done some tests and I believe the problem resides on the packet exceeding 1500 mtu since in the lab once I increase the mtu on the physical ports everything works Ok, the problem is that my providers are not capable of increasing the mtu size on the links.

Question:

is there a way to link the vrfs without mpls so mtu is not an issue and maintaining isolation because i have reused the ip space.

is there a way to lower the mtu so I can keep the mpls setup without exceeding the mtu limit.

 

Thanks.

 

Labels:
0 Helpful
4 Replies 4

Reza Sharifi
Hall of Fame
Hall of Fame

‎05-25-2015 05:12 PM

Hi,

You can simply use VRF lite with imprt/export and without MPLS.

Have a look at this link:

http://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/multiprotocol-label-switching-vpns-mpls-vpns/47807-routeleaking.html

HTH

0 Helpful

csoto0001
Level 1
Level 1
In response to Reza Sharifi

‎05-26-2015 07:10 AM

Hi,

I've done vrf-lite with bgp, ospf and rd for leaking and I've gotten alright up to route propagation but when I try to ping the remote interfaces there is no answer even do the routes are there.

I've also tried a tunnel with ip unnumbered on the vrf and ospf shows all the routes but no data goes through.

I'll try the static routes that appear in the link you sent and see if data goes through, after that I'll post you conf of different scenarios maybe you can comment in something I'm missing.

addition:

I've noted the reference to physical interfaces on the ip routes, in my case the vrfs don't have direct access to the links on each of the routers unless they pass through global or shared vrf since I do not have enough links to assign directly to each vrf to do a  point to point connection.

this is

(vrf1,vrf2,...)->vrf shared->links->vrf shared->(vrf1,vrf2,...)

or

(vrf1,vrf2,...)->global->links->global->(vrf1,vrf2,...)

Thanks.

0 Helpful

csoto0001
Level 1
Level 1
In response to csoto0001

‎05-26-2015 07:34 AM

This is how my lab looks at the moment, after trying different scenarios, any comments will be appreciated.

Thanks.

Preview file
5 KB
Preview file
5 KB
0 Helpful

csoto0001
Level 1
Level 1
In response to csoto0001

‎06-08-2015 08:56 AM

ended up considering the fixed L2 links running "ip mpls" as if they where ppoe, gre or ipsec vpn tunnels,  thus applying "ip tcp adjust-mss 1452" on the ingress interfaces as recommended by the default configs, that appear to have solve the problem.

0 Helpful
Customers Also Viewed These Support Documents