 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
9 messages in net.nether.puck.cisco-nsp[c-nsp] Re: Interfacing between VRF a...| From | Sent On | Attachments |
|---|---|---|
| Joe Maimon | Jan 16, 2005 3:25 pm | |
| Joe Maimon | Jan 18, 2005 7:46 am | |
| Joe Maimon | Jan 18, 2005 7:58 am | |
| Rodney Dunn | Jan 18, 2005 8:43 am | |
| Joe Maimon | Jan 18, 2005 8:56 am | |
| David Barak | Jan 18, 2005 11:12 am | |
| Joe Maimon | Jan 18, 2005 11:30 am | |
| David Barak | Jan 18, 2005 11:41 am | |
| Joe Maimon | Jan 18, 2005 12:04 pm |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | [c-nsp] Re: Interfacing between VRF and global across interface in one router | Actions... |
|---|---|---|
| From: | Joe Maimon (jmai...@ttec.com) | |
| Date: | Jan 18, 2005 7:46:34 am | |
| List: | net.nether.puck.cisco-nsp | |
Joe Maimon wrote:
Does anybody know of a way to create an interface between two VRF's or a VRF and the global table inside one router?
I seem to have gotten the tunnels and loopback method to work (heavily edited config below). I dont actualy like this because of loopback proccess switching and because of MTU overhead since tunnels sourced from loopback seem to be constrained to max of 1490.
rt11# rt11#sh conf Using 10246 out of 126968 bytes ! version 12.3 ! hostname rt11 ! boot-start-marker boot system disk0:rsp-jk9o3sv-mz.123-8.T6.bin boot-end-marker ! ! ip vrf PRIVATE description PRIVATE networks rd 100:5 route-target export 100:5 route-target import 100:5 ! ! ! interface Tunnel0 ip address 66.66.66.253 255.255.255.252 tunnel source Loopback0 tunnel destination 66.66.66.2 ! interface Tunnel1 ip vrf forwarding PRIVATE ip address 66.66.66.254 255.255.255.252 ip nat outside ip virtual-reassembly tunnel source Loopback1 tunnel destination 66.66.66.1 ! ! interface Loopback0 ip address 66.66.66.1 255.255.255.255 ! interface Loopback1 ip vrf forwarding PRIVATE ip address 66.66.66.2 255.255.255.255 ! interface Port-channel1 no ip address ip route-cache policy ip route-cache flow full-duplex no cdp enable ! interface Port-channel1.1 encapsulation dot1Q 1 native ! interface Port-channel1.3 encapsulation dot1Q 3 ip vrf forwarding PRIVATE ip address 10.1.1.1 255.255.255.0 ip nat inside ! interface FastEthernet0/0/0 no ip address ip route-cache policy ip route-cache flow full-duplex channel-group 1 ! interface FastEthernet0/1/0 no ip address ip route-cache policy ip route-cache flow full-duplex channel-group 1 ! router rip version 2 redistribute connected redistribute static passive-interface default no passive-interface Port-channel1.3 no passive-interface Tunnel0 no passive-interface Tunnel1 network 66.66.66.0 no auto-summary ! address-family ipv4 vrf PRIVATE !yes the router will rip to itself redistribute connected network 66.66.66.0 network 10.0.0.0 no auto-summary exit-address-family ! ip classless ip route 66.66.66.2 255.255.255.255 Loopback1 ip route vrf PRIVATE 66.66.66.1 255.255.255.255 Loopback0 66.66.66.1 ! ip nat inside source list inside-nat-rules interface Tunnel1 vrf PRIVATE overload ! ! ip access-list extended inside-nat-rules deny ip 10.0.0.0 0.255.255.255 10.0.0.0 0.255.255.255 permit ip 10.0.0.0 0.255.255.255 any deny ip any any ! end
Strangely enough ping the vrf loopback address from global fails and vice versa