Re: vrf and bgp in core

suthomas1 · ‎01-14-2013

the network has 3 vlans - wireless , users & printers on the core switch. The Core switch is connected to its uplink wan router for internet access.

Core switch - 10.58.21.2/30 and router - 10.58.21.1/30

The requirement is to run vrf/bgp between this core and the upstream router.

router bgp 65001

bgp log-neighbor-changes

network 10.50.20.0 mask 255.255.255.0

network 10.58.10.0 mask 255.255.255.128
neighbor 10.58.21.1 remote-as 65005
no auto-summary

interface gig0/2

ip address 10.58.21.2 255.255.255.252

description Uplink to router

Currently the uplink is connected via a layer3 interface on the core switch. However, there will be a second uplink connected to the router from core switch.

I am not very consistent on vrf. Please help me on how the configuration should be for this, including the individual vlans and with two uplinks.

The upstream routes need to work with vrf.

Appreciate all help!

mahmoodmkl · ‎01-15-2013

Hi,

You can create a new VRF and assign gig0/2 in that VRF but remember that you will not able reach this IP from global routing table unless you have routing between them.

ip vrf VRFNAME

and then under the interface

ip forwarding vrf VRFNAME

Thanks

suthomas1 · ‎01-15-2013

Thanks. Since there are two uplinks from this Core switch, we were thinking of creating a /30 vlan interface connecting the switch and upstream router.

So, lets say vlan 21 ,

int vlan 21

ip address 10.58.21.2 255.255.255.252

description Uplink to router

ip vrf VRFNAME

So on both the physical interfaces on Core switch , can i use below configuration:-

int gi0/2

desc uplink1 to router

sw mode trunk

int gi0/3

desc uplink1 to router

sw mode trunk

Will this suffice? and also do i need to put ip vrf VRFNAME under each of the other wireless, users & printers vlans.

Thanks in advance !

mahmoodmkl · ‎01-15-2013

Hi
i suggest to use physical interface like a point to point link instead of vlan interface
make the physical interface on which the router is connected as a routed port n assign the ip n vrf info

Sent from Cisco Technical Support iPhone App

suthomas1 · ‎01-15-2013

Ok. in that case , since we have two physical interfaces from the core switch towards the uplink router, how do i configure two different physical interfaces with one /30 ip address?

and also how will the vrf configuration look like for this?

Appreciate all help!

paul.strazza · ‎01-16-2013

Since your running ebgp.. can you just have a second /30 for the second uplink, and stick to routed interfaces?

paul.strazza · ‎01-16-2013

I wonder if this would work.. please try in a lab first or in GNS3..

switch

ip routing

ip vrf wireless
rt 1:1

ip vrf users
rt 1:2

ip vrf printers
rt 1:3

int vlan 1
ip address 10.0.1.1 255.255.255.0
ip vrf forwarding wireless
no shut

int vlan 2
ip address 10.0.2.1 255.255.255.0
ip vrf forwarding users
no shut

int vlan 3
ip address 10.0.3.1 255.255.255.0
ip vrf forwarding printers
no shut

int gi0/2
ip address 10.58.21.2 255.255.255.252
desc first uplink router
no shut

int gi0/3
ip address 10.58.21.6 255.255.255.252
desc second uplink router
no shut

router bgp 65001

address-family ipv4
neighbor 10.58.21.1 remote-as 65005
neighbor 10.58.21.7 remote-as ???
no auto-summary

address-family vpnv4 wireless
network 10.0.1.0 mask 255.255.255.0

address-family vpnv4 users
network 10.0.2.0 mask 255.255.255.0

address-family vpnv4 printers
network 10.0.3.0 mask 255.255.255.0

router

ip vrf wireless
rt 1:1

ip vrf users
rt 1:2

ip vrf printers
rt 1:3

int gi0/2
ip address 10.58.21.1 255.255.255.252
no shut

interfaces for vrfs if any ....

router bgp 65005

address-family ipv4
neighbor 10.58.21.2 remote-as 65001
no auto-summary

address-family vpnv4 wireless
network or redistribute from outside..

address-family vpnv4 users
network or redistribute from outside..

address-family vpnv4 printers
network or redistribute from outside..

of course the disclaimer....

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

suthomas1 · ‎01-16-2013

If i am to use vlan svi , can i still use a /30 for the routed link upstream and still do vrf with the two interfaces part of the routed uplink?

mahmoodmkl · ‎01-16-2013

Hi
if u use svi with /30 it will give u two ips which will not be enough for three devices
swith n two routers
hence have separate p2p ips for u r routers n switch

Sent from Cisco Technical Support iPhone App

suthomas1 · ‎01-17-2013

yes that is correct.

so , in that case if i use a /28 to interconnect the switch and router, what option should be best :-

1. to create an SVI

2. to create an L3 Portchannel

mahmoodmkl · ‎01-17-2013

Hi
i suggest to go with L3 links

Sent from Cisco Technical Support iPhone App