Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1280
Views
0
Helpful
2
Replies

VRF - Shared Internet Connection

Eric Snijders
Level 1
Level 1

‎07-23-2019 11:47 PM

Hi Guys,
I'm pretty new on the VRF thing but i do think i understand the basics of VRF. We just got a new customer, which we place in a seperate VRF. Now the customers machines will need access to the internet. We have 1 internet connection. What is the best practice to make a new VRF able to use our existing internet line. I've read about VRF Route-Leaking, but i didn't really understand and if possible i don't want to mess around to much with routes.

 

Thanks in advance!

 

Eric

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎07-24-2019 12:35 AM

can you post your configuration to look and suggest best suitable config for your environment.

 

you need to allow the traffic to global routing table to reach the internet.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni

‎07-24-2019 01:04 AM

Hi there,
VRFs are typically used to provide Layer 3 isolation for security purposes and as such use firewalls as their default gateway. The firewall can then implement the necessary polices to permit inter-VRF communication or just allow the traffic access to the WAN/ internet.

In your topology what is the next hop towards the internet? A firewall? A router? Simply create a Layer3 /30 between the VRF and that next-hop.

It is worth noting that if you wanted to perform inter-VRF communication via a firewall you would have significantly less bandwidth available than if you had just implemented route-leaking between VRFs.

 

cheers,
Seb.

0 Helpful
Customers Also Viewed These Support Documents