Solved: VRF Routing Issue

nigel doe · ‎06-27-2014

Hi guys,

I'm having problems implementing a vrf on a 3560G (12.2(55)SE9, C3750-IPSERVICESK9-M). I have a number of SVI's configured on the switch and I want to separate routing from one (to start) vlan from the rest.

I think my config looks ok, but when testing the traffic seems to die on the vlan interface. My config looks like this:

ip vrf red
rd 1:1
!
interface Vlan11
description Block 1 Guest WLAN
ip vrf forwarding red
ip address 172.16.5.2 255.255.255.0
!
ip route vrf red 0.0.0.0 0.0.0.0 GigabitEthernet2/0/1 10.201.29.1
ip route vrf red 8.8.8.8 255.255.255.255 GigabitEthernet2/0/1 10.201.29.1

The 10.201.29.1 is an ASA firewall.

What am I missing!?!

Thanks.

edit: It just occurred to me that the exit interface (when traffic returning) won't know about the interface that's not in the global rib and I would need to route back from the global rib to the vrf?

petenixon · ‎06-27-2014

If you add the route back into the global routing table it will solve the return route issue.

View solution in original post

petenixon · ‎06-27-2014

If you add the route back into the global routing table it will solve the return route issue.

paul driver · ‎06-27-2014

Hello

Just like to add you don't need both those statics pointing your FW , Just the default route would do

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul