cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1957
Views
15
Helpful
5
Replies

routed interfaces and vrf design 3750

yann.boulet
Level 1
Level 1

Hi all,

I would like to do the following architecture with the same C3750 :

network X,Y,Z connected to 3750 in VRF D the 3750 uses a routed interface on subnet E for the default route in VRF D on this routed interface a BYPASS EQUIPMENT the other BYPASS EQUIPMENT interface is connected also to another routed interface on subnet E "also" this routed interface is in another VRF C with other network A and B.

do you know if it will work because of 2 routed interfaces on the same IP subnet or is there a way to do that ?

the only goal for me is to catch traffic from network X,Y,Z on SYN and ACK

thanks

1 Accepted Solution

Accepted Solutions

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Yann,

if the two routed interfaces belong to two different VRFs VRF D and VRF C address overlapping is supported.

This is one of the benefits of VRFs: each VRF has a complete IPv4 address space.

The use of two routed interfaces members of different VRFs and sharing the same IP subnet is a way to build inter VRF communication in some cases. Or to place a device in the middle as in your case.

Check carefully the MAC address used by the two routed interfaces, if they are SVIs note that they may be using the same MAC address. If so In order to get a working connectivity one interface should  change its MAC address at interface configuration level using mac-address command.

You will need to configure appropriate routing between the two routed interfaces or with static routes or using a dynamic routing protocol like EIGRP.

Hope to help

Giuseppe

View solution in original post

5 Replies 5

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Yann,

if the two routed interfaces belong to two different VRFs VRF D and VRF C address overlapping is supported.

This is one of the benefits of VRFs: each VRF has a complete IPv4 address space.

The use of two routed interfaces members of different VRFs and sharing the same IP subnet is a way to build inter VRF communication in some cases. Or to place a device in the middle as in your case.

Check carefully the MAC address used by the two routed interfaces, if they are SVIs note that they may be using the same MAC address. If so In order to get a working connectivity one interface should  change its MAC address at interface configuration level using mac-address command.

You will need to configure appropriate routing between the two routed interfaces or with static routes or using a dynamic routing protocol like EIGRP.

Hope to help

Giuseppe

thank you giuseppe you are always here

ok but at the IP level between the 2 routed interfaces they will belong to which VRF ? because the 2 routed interfaces will be aware of the same directly connected network ?

thanks

Hello Yann,

the two routed interfaces in different VRFs will see each other as different hosts in the same IP subnet as they were two different boxes.

For this reason it is important they use a different MAC address.

Hope to help

Giuseppe

  Hi Giuseppe, thx once again

it seems to work, the last question because I am in a LAB and only one physical 3750, do you know if it's possible to configure L3 interfaces on catalyst that support 802.1Q encapsulation ?

thanks

Hello Yann,

if you mean Vlan based subinterfaces on Catalyst C3750

I don't think they are supported

>> A routed port is a physical port that acts like a  port on a router; it does not have to be connected to a router. A routed  port is not associated with a particular VLAN, as is an access port. A  routed port behaves like a regular router interface, except that it does  not support VLAN subinterfaces.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_58_se/configuration/guide/swint.html#wp2208101

.

You have to use SVIs instead and you need to use the trick about the changing of the MAC address

Routed port subinterfaces are supported on C6500 with some limitations.

Hope to help

Giuseppe

Review Cisco Networking for a $25 gift card