Re: VRF doubts data center migration

EufracioBarrios14042 · ‎08-12-2020

Hello everyone, I hope you all are doing ok.

I'm writing today because I need to make some changes in my company's network routing and I am having some problems defining what to do.

Here is the context of my problem:

Right now, we have two L3 CISCO switches, they manage our VLANs and our routing for our DC clients, each client belongs to a VRF, so they don't have routing problems with overlapping subnets, and these 2 switches are connected in an etherchannel using interfaces GE0/22-23-24 to many L2 switches that are connected to our physical hosts, so, all the communication between servers, until they arrive to our L3 switches is in layer 2, I'm adding "Diagram_A" PDF so you can see our topology.

Now my problem is that we are going to change from DC, and we can't connect to the servers in layer 2, we are connected using a different VRF and route (I'm adding also my L3 switch configuration, the VRF is named IaaS20). So, what I need to figure out how to do, is that for example, if a packet arrives to my L3 switch with network 10.18.0.0/28 it is routed using a different VRF, it's original VRF, or something else, I just need to forward packets in different VRFs so the overlapping subnets don't cause me a problem. Sorry if I can't explain it well, it's kind of hard to explain. I'm also addming "Diagram_B", that is how we are going to be connected to the new DC.

Any help will be appreciated.

Thanks!

Spawn · ‎08-12-2020

when you want one VRF to talk to another in an ideal DC scenario we extend the VRF via separate VLANS and let a firewall or a L3 gateway to manage the inter vrf traffic. the problem i see is your L3 switch is already part of all VRFS, in a classic scenario without a firewall, you will need to move the traffic via a common interface between both VRFS. like P2P back to back connection, the segment a /30 or a /29, could just act like an hop for the VRFS to talk, something like a global routing table.