I have two VRF. The first-one connected to Internet, the second-one to an inside LAN with private ip and NAT.
All works but, if I take away the green line, dns resolution doesn't work, every else is ok (tcp, ssh, icmp...). So I need to have two default gateway like in this configuration.
Can you tell me why? I tried this with old and new release of IOS (this is 15.1)
!
ip vrf reteesterna
rd 1000:100
route-target export 1200:120
route-target import 1201:121
!
ip vrf reteinterna
rd 1001:101
route-target export 1201:121
route-target import 1200:120
!
!
!
interface FastEthernet0/0
description --- rete interna ---
ip vrf forwarding reteinterna
ip address 192.168.88.1 255.255.255.0
ip nat enable
duplex auto
speed auto
!
interface FastEthernet0/1
description --- rete esterna ---
ip vrf forwarding reteesterna
ip address 82.85.14.104 255.255.255.224
ip nat enable
duplex auto
speed auto
!
router bgp 222
no synchronization
bgp log-neighbor-changes
no auto-summary
!
address-family ipv4 vrf reteesterna
no synchronization
network 82.85.14.96 mask 255.255.255.224
exit-address-family
!
address-family ipv4 vrf reteinterna
no synchronization
network 192.168.88.0
exit-address-family
!
!
ip nat pool INTERNET 82.85.14.104 82.85.14.104 netmask 255.255.255.224
ip nat source list 112 pool INTERNET vrf reteinterna overload
ip route vrf reteesterna 0.0.0.0 0.0.0.0 82.85.14.97
ip route vrf reteinterna 0.0.0.0 0.0.0.0 82.85.14.97
!
access-list 112 permit ip 192.168.88.0 0.0.0.255 any
access-list 114 permit ip any any
!
!
regards
Gianrico Fichera
ITESYS SRL