Cisco Community
English
Register
Great changes are coming to Cisco Community in July. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
312
Views
0
Helpful
1
Replies
irakli_n
Beginner
Beginner
‎10-08-2018 01:28 AM
‎10-08-2018 01:28 AM

How to stop routing between subinterfaces without using firewall feature?

Hello everybody,

 

I have 1000V (or similar) router which has legs using subinterfaces in 10 or more VLANs. The intended deployment is LISP mobility by stretching subnets to multiple locations and IPSEC/SSL VPN accessing these VLANs from Internet.

 

However, there is a requirement that this router should not  allow communication between subinterfaces do to the fact that each project/network/VLAN is separate project belonging/operated by different customers.

 

Is there a way to accomplish this without using firewall or access lists? Also, the router is not the default gateway for these networks/VLANs.

 

Thanks

 

0 Helpful
1 REPLY 1
paul driver
VIP Expert VIP Expert
VIP Expert
‎10-08-2018 02:27 AM
‎10-08-2018 02:27 AM

Hello

 

@irakli_n wrote:

Hello everybody,

 

I have 1000V (or similar) router which has legs using subinterfaces in 10 or more VLANs. The intended deployment is LISP mobility by stretching subnets to multiple locations and IPSEC/SSL VPN accessing these VLANs from Internet.

 

However, there is a requirement that this router should not  allow communication between subinterfaces do to the fact that each project/network/VLAN is separate project belonging/operated by different customers.

 

Is there a way to accomplish this without using firewall or access lists? Also, the router is not the default gateway for these networks/VLANs.

 

Thanks

 

Yes using vrf lite have a look at example I shared in a previous post: - here


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Latest Contents
DR and the Type-2 LSA in OSPFv3 versus OSPFv2
Created by Meddane on 06-24-2022 04:35 PM
0
0
0
0
When moving from OSPFv2 to OSPFv3, there are many changes in the format of the LSAs Type, but the most known changes are: IP prefix informations are no longer carried in Type-1 LSA and Type-2 LSA, new LSAs Type 8 and 9 are added to carry these prefixes. L... view more
Preview of the Book OSPF CCIE The Ultimate Ccie Enterprise E...
Created by Meddane on 06-23-2022 08:45 PM
0
0
0
0
Read a preview of my book OSPF The ultimate for CCIE Enterprise and Infrastructure exam in Books Google Doc.   Read a preview of my book OSPF The ultimate for CCIE Enterprise and Infrastructure exam in Books Google Doc #CCIE #Cisco #exam #Enterprise ... view more
Series of 20 OSPF Questions With Concise Answers.
Created by Meddane on 06-21-2022 03:08 AM
0
5
0
5
  Question 1: What are the OSPF Loop Prevention Mechanisms   In single area, the routers have the Link State Database, having the same LSDB helps the routers to build a loop-free topology.   Now in a multiarea topology, the ABRs are respon... view more
Preparing a series of OSPF questions and answers
Created by Meddane on 06-19-2022 05:29 AM
2
5
2
5
Question 1: What are the OSPF Loop Prevention Mechanisms Question 2: Why area 0 is required? Question 3: what is the command to stop Type-7 LSA ? Question 4: How the NSSA ABR translator election occurs? Question 5: How to stop receiving specific subnets I... view more
Why an NSSA ABR does not inject a default route automaticall...
Created by Meddane on 06-18-2022 03:44 AM
0
0
0
0
If an NSSA ASBR originates a default route into the OSPF in order to reach an external domain, the default route is injected as a Type 7 NSSA External LSA.  If at the same time the NSSA ABR connecting that NSSA to Area 0 is generating a default route... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad