Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
573
Views
0
Helpful
0
Replies

VRF, NAT and routign Order of operation

neeraj.maurya@orange.com
Level 1
Level 1

‎09-28-2018 04:00 AM - edited ‎03-05-2019 10:57 AM

Hello,

I have a small doubt that i would like to clarify. please look at my topology below

PC1-------Router---------PC2

 

Routers interface towards PC1 is in VRF named as "one" and interface towards PC2 is in vrf named as "two". i have "NAT inside on router's interface towards PC1 and "NAT oustside" on interface towards PC2. i have one one way route vrf route leaking and there is a static NAT in vrd "one" for PC1 address. please check the configuration below from router:

 

R2#sh run | se bgp
router bgp 65000
no synchronization
bgp router-id 10.10.10.2
bgp log-neighbor-changes
no auto-summary
!
address-family ipv4 vrf one
no synchronization
redistribute connected
exit-address-family
!
address-family ipv4 vrf two
no synchronization
redistribute connected
exit-address-family

 

R2#sh run | in nat
ip nat inside source static 10.10.10.1 40.40.40.1 vrf one

 

R2#sh run vrf one
vrf definition one
rd 1:1
route-target export 1:1
route-target import 2:2
!
address-family ipv4
exit-address-family
!
!
interface FastEthernet0/0
vrf forwarding one
ip address 10.10.10.2 255.255.255.0
ip nat inside
duplex half
!
router bgp 65000
!
address-family ipv4 vrf one
no synchronization
redistribute connected
exit-address-family
!
end

R2#sh run vrf two
Building configuration...

Current configuration : 375 bytes
vrf definition two
rd 2:2
route-target export 2:2
!
address-family ipv4
exit-address-family
!
!
interface FastEthernet1/0
vrf forwarding two
ip address 20.20.20.2 255.255.255.0
ip nat outside
speed auto
duplex auto
!
router bgp 65000
!
address-family ipv4 vrf two
no synchronization
redistribute connected
exit-address-family
!
end

 

Routing table from router:

 


R2#sh ip route vrf one

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.10.10.0/24 is directly connected, FastEthernet0/0
L 10.10.10.2/32 is directly connected, FastEthernet0/0
20.0.0.0/24 is subnetted, 1 subnets
B 20.20.20.0 is directly connected, 00:55:53, FastEthernet1/0

 

R2#sh ip route vrf two

Gateway of last resort is not set

20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 20.20.20.0/24 is directly connected, FastEthernet1/0
L 20.20.20.2/32 is directly connected, FastEthernet1/0

 

When i ping from PC1 to PC2 it works, although the VRF leaking is only one way. can you please explain how it is working? i 

 

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card