cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
359
Views
0
Helpful
4
Replies
Highlighted
Beginner

VRF leaking - basic setup

Hello,

 

As an attempt to solve a broader problem, I decided to divide it in smaller parts.

 

One of which is the following: how to setup a basic inter-vrf communications path with statics routes from each VRF to the global routing table and then from the global routing table to the other VRF.

 

Let say we have a router with:

- port 3 in vlan 3 with IP 192.168.3.1/24 in vrf3

- port 4 in vlan 4 with IP 192.168..4.1/24 in vrf4

 

We want to allow communications from network 192.168.3.0 to network 192.168.4.0 and vice-versa.

 

Here is a sample of the configuration:

 

interface FastEthernet0/0/3
switchport mode access
switchport access vlan 3
interface FastEthernet0/0/4
switchport mode access
switchport access vlan 4
exit

vrf definition vrf3
address-family ipv4
exit-address-family
vrf definition vrf4
address-family ipv4
exit-address-family
!

interface vlan3
vrf forwarding vrf3
ip address 192.168.3.1 255.255.255.0
exit
interface vlan4
vrf forwarding vrf4
ip address 192.168.4.1 255.255.255.0

exit

 

! static routes in each vrf
ip route vrf vrf3 192.168.4.0 255.255.255.0 192.168.4.1 global
ip route vrf vrf4 192.168.3.0 255.255.255.0 192.168.3.1 global

 

! routes in the global table
ip route 192.168.3.1 255.255.255.255 vlan3
ip route 192.168.4.1 255.255.255.255 vlan4

 

I must be missing something because it does not work.

 

I know you would say it make no sense to use VRF in this case but, I recall, this is a simplified part of a broader problem.

 

 

Thanks for your ideas,

Cedric T.

 

4 REPLIES 4
Highlighted
VIP Mentor

Hello
Why not put them in the same VRF and route-leak to whatever other rib table you wish?



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Highlighted

Because in the broader problem, there are 2 different VRFs and I cannot change that.

 

Note that in my original post, I stated: "I know you would say it make no sense to use VRF in this case but, I recall, this is a simplified part of a broader problem".

 

Best regards,

Cedric T.

Highlighted

Hello
I would say it would work if you specified a next hop address in the vrf x statics but it dont looklike you can due to them being logical SVI's

ip route vrf vrf3 192.168.4.0 255.255.255.0 vlan3 192.168.4.x global
ip route vrf vrf4  192.168.3.0 255.255.255.0 vlan4 192.168.3.x global



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Highlighted
Rising star

Hi Cedric,

 

If it is okay to run BGP, you can leak routes between the two VRFs.

Here is a sample config:-

 

interface FastEthernet0/0/3
switchport mode access
switchport access vlan 3
interface FastEthernet0/0/4
switchport mode access
switchport access vlan 4
exit

!

vrf definition vrf3

rd 3:3
address-family ipv4

 route-target both 3:3

 route-target import 4:4
exit-address-family
vrf definition vrf4

 rd 4:4
address-family ipv4

 route-target both 4:4

 route-target import 3:3
exit-address-family
!

interface vlan3
vrf forwarding vrf3
ip address 192.168.3.1 255.255.255.0
exit
interface vlan4
vrf forwarding vrf4
ip address 192.168.4.1 255.255.255.0

exit

!

! static routes in each vrf
ip route vrf vrf3 192.168.4.0 255.255.255.0 192.168.4.1 global
ip route vrf vrf4 192.168.3.0 255.255.255.0 192.168.3.1 global

!

! routes in the global table
ip route 192.168.3.1 255.255.255.255 vlan3
ip route 192.168.4.1 255.255.255.255 vlan4

!

router bgp 65001

 address-family ipv4 vrf vrf3

  redistribute connected

 address-family ipv4 vrf vrf4

  redistribute connected

!

 

 

 

HTH,
Meheretab