cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1464
Views
0
Helpful
3
Replies

VRF with multiple default routes?

kclark
Level 1
Level 1

I have a 2811 with 3 ISP's, and am trying to set up equal-cost routes for load-balancing. The ISP interfaces and firewall interface are in a "PUBLIC" vrf. All other interfaces are in the global config. Everything is fine with a single default route. However, when I add a 2nd default route, I lose all connectivity to both public interfaces. I can still access the firewall interface (from a node behind the interface). Are there any restrictions in VRF for multiple default routes? Related config is attached.

3 Replies 3

Edison Ortiz
Hall of Fame
Hall of Fame

No restrictions with having multiple default routes in a VRF. The rules of routing within a VRF are the same as with a global routing table.

You may be running into an issue with NAT and the packet trying to exit an interface with a translated address in the wrong block.

Inspect your NAT table and see this behavior.

HTH,

__

Edison.

If I were trying to access internal hosts, perhaps, but I'm simply trying to SSH to any of the public interfaces within the VRF from a non-local public ip address. I didn't think NAT played a part there. I have been known to be wrong before, though... :)

Can you provide a detailed description as the source and destination of the traffic and ip route table before and after the problem occurs.

In your original message, you stated 'all other interfaces are in the global config' yet on the portion of the config it only shows interfaces within the VRF, no interfaces in the global routing table.

If you want to isolate this to a NAT issue, add the multiple default routes and during a maintenance window, remove the NAT and try to SSH.

Review Cisco Networking for a $25 gift card