I have a situation where I have a vrf lite tunnel, using gre, to connect two networks together. The reason for this is that the new network needs a default route, outside our network.

At the end of the vrf tunnel, at the remote end, we have patched it into the core switch. I need for the global routing table of the core switch to talk to the vrf table at the other end. At the end of the vrf router I configured an interface in that vrf, and then connected this to the core, in the same LAN, but this end wasn't in a vrf. I have set up static routes between these, some using the vrf statement and some not, depending on what way they go.

From the main, global core switch, I can ping stuff in my vrf at the other end of the gre.

At the vrf end at the remote site, I can ping to a loopback that is a member of the vrf, but no further to the global routing table.

I really need this to work asap and am reading even as I send this.

I have heard that route leaking may be the answer, and I don't use any route-import/exports here.

The fact that it works one-way tells me the routing is in place but I'm really scratching my head now.

I'm sure/hope this is a really common problem.

Does anyone have any ideas that could put me out of this misery?

I hope I have explained enough, without a config or diagram to give someone an idea of what I'm trying to achieve?

Can anyone help?

I will answer my own question here.

The reason this only worked one-way was because I was trying to get to a PC out of the VRF from the vrf vlan interface. It appears you can only test what is in the vrf from this interface, and not happens when it leaves the vrf and heads off to the main core switch outside of the vrf.

On putting a PC at either end, i had no problem whatsover with my connectivity.


