02-23-2021 09:21 AM
Need to Allow a VLAN into a VRF
The vlan has a SVI and I would like to get only this vlan or network into our VRF 500 so that everyone on said vlan can reach everything that VRF 500 can reach. We have a core switch that the SVI and VRF 500 exist on so I am trying to do some magic on this switch.
I thought I could so something like this below but I think this would only allow everyone in the VRF to reach the global routing table which is not what we need.
interface Vlan10 description TEST ip address 10.1.10.1 255.255.255.0 access-list 50 permit ip 172.17.0.0 0.0.255.255 10.1.10.0 0.0.0.255 ! route-map VRF_TO_GLOBAL permit 10 match ip address 50 set global ! interface Vlan500 description VRF500 ip vrf forwarding 500 ip address 172.17.65.65 255.255.255.192 ip policy route-map VRF_TO_GLOBAL
Apologies if I am missing something obvious here. VRFs and what I am trying to do is very new to me. Any help would be greatly appreciated. Thank you!
03-03-2021 03:06 PM
Hello!
Try do this:
ip vrf VRF500
rd 1:1
import ipv4 unicast map GLOBAL_TO_VRF
export ipv4 unicast map VRF_TO_GLOBAL
route-target export 1:1
route-target import 1:1
!
ip prefix-list vlan10 seq 5 permit 10.1.10.0/24
ip prefix-list vrf seq 5 permit 172.17.65.64/26
!
route-map GLOBAL_TO_VRF permit 10
match ip address prefix-list vlan10
!
route-map VRF_TO_GLOBAL permit 10
match ip address prefix-list vrf
!
router bgp 1
bgp log-neighbor-changes
!
address-family ipv4
redistribute connected
!
address-family ipv4 vrf VRF500
network 172.17.65.64 mask 255.255.255.192
!
At this point you can see the route 172.17.65.64 pointed to SVI 500 via BGP in Global routing table and in the VRF500 routing table you will see a route 10.1.10.0/24 pointed to SVI10 via BGP.
03-03-2021 03:09 PM
Hello
So why don't you put vlan 10 in the vrf 500 also?
03-03-2021 06:43 PM
This is what I'm wondering also.
03-04-2021 04:50 PM
are this issue solve?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide