12-08-2023 11:49 AM - edited 12-08-2023 12:19 PM
I have a cat 9300 and need to configure it for 5 different VRFs which simulates different L3 switches.
on R1, I have two GRE tunnels to ESW1. my question is: can I configure VRFs on ESW1 instead of using R2,ESW2 (has few vlans),ESW3 (has few vlans) as physical devices? topology is shown in the attached picture:
Solved! Go to Solution.
12-10-2023 10:45 AM
I think you talking about below point
The VRF associated with the tunnel vrf command is the same as the VRF associated with the physical interface over which the tunnel sends packets (outer IP packet routing).
Router-c9300
Interface between Router and C9300 config with vrf RED
The C9300 have two tunnel each within one VRF and both use interface to Router as tunnel source
So
Interface tunnel 1
Tunnel vrf RED
Tunnel source interface (toward R)
Ip vrf forwarding BLUE
!
Interface tunnel 2
Tunnel vrf RED
Tunnel source interface (toward R)
Ip vrf forwarding Green
That meaning of this point' the tunnel source interface must config same as tunnel vrf.
12-08-2023 12:52 PM
if the SW support
vrf tunnel command
then you can use SW to config GRE tunnel.
MHM
12-08-2023 02:15 PM
thanks for replying boss!
my main goal is to get rid of the SW2,SW3 and R2 and configure VRFS on the CAT 9300 switch. is this possible?
12-08-2023 02:22 PM - edited 12-08-2023 02:28 PM
these restriction for config GRE tunnel VRF aware in 9300 IOS XE
Both ends of the tunnel must reside within the same VRF. <<- only make sure both end use same VRF
The VRF associated with the tunnel vrf command is the same as the VRF associated with the physical interface over which the tunnel sends packets (outer IP packet routing).
The VRF associated with the tunnel by using the ip vrf forwarding command is the VRF that the packets are to be forwarded in as the packets exit the tunnel (inner IP packet routing).
The feature does not support the fragmentation of multicast packets passing through a multicast tunnel.
The feature does not support the ISIS (Intermediate System to intermediate system) protocol.
MHM
12-09-2023 03:16 PM
so, based one the doc, we can not associate multiple vrfs to one tunnel?
12-10-2023 10:45 AM
I think you talking about below point
The VRF associated with the tunnel vrf command is the same as the VRF associated with the physical interface over which the tunnel sends packets (outer IP packet routing).
Router-c9300
Interface between Router and C9300 config with vrf RED
The C9300 have two tunnel each within one VRF and both use interface to Router as tunnel source
So
Interface tunnel 1
Tunnel vrf RED
Tunnel source interface (toward R)
Ip vrf forwarding BLUE
!
Interface tunnel 2
Tunnel vrf RED
Tunnel source interface (toward R)
Ip vrf forwarding Green
That meaning of this point' the tunnel source interface must config same as tunnel vrf.
12-10-2023 10:49 AM
First point I make it in blue color'
The tunnel source as we see above can config with vrf under physical interface' tunnel destination as restrictions mention must be reachable via same VRF as tunnel source.
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide