Subject: [c-nsp] Interfacing between VRF and global across interface in one router
From: Joe Maimon (jmai@ttec.com)
Date: Jan 16, 2005 3:25:31 pm
List: net.nether.puck.cisco-nsp

Does anybody know of a way to create an interface between two VRFs or a VRF and the global table inside one router?

I have been trying with tunnels and loopbacks but that keeps throwing up errors and anyways, since my goal is to increase switching performance, that won't work long term.

The goal is to eliminate the need to configure all other interfaces on the system as "ip nat outside" simply because a handful of connected customers wish you to carry and NAT their private space.

I have been thinking of something like this...any idea?

int fa0/0/0
 desc interface that spans nat vrf and global table (crossover into fa0/1/0)
 ip vrf forwarding NAT-CUSTOMERS
 ip address 66.66.66.1 255.255.255.252
 ip nat outside

int fa0/1/0
 desc interface that spans nat vrf and global table (crossover into fa0/0/0)
 ip address 66.66.66.2 255.255.255.252

int s1/0/0:1
 ip vrf forwarding NAT-CUSTOMERS
 ip address 10.255.0.1 255.255.255.252
 ip nat inside

int s1/0/0:2
 ip address 66.66.66.5 255.255.255.252
int s1/0/0:3
 ip address 66.66.66.9 255.255.255.252
int s1/0/0:4
 ip address 66.66.66.13 255.255.255.252
..
..
ip route vrf NAT-CUSTOMERS 0.0.0.0 0.0.0.0 fa0/0/0 66.66.66.2
ip route vrf NAT-CUSTOMERS 10.1.1.0 255.255.255.0 s2/0/0:1 10.255.0.2
ip route 10.0.0.0 255.0.0.0 fa0/1/0 66.66.66.1
ip nat inside source list inside-nat interface fa0/0/0 overload vrf NAT-CUSTOMERS

ip access-list extended inside-nat
 deny ip 10.0.0.0 0.255.255.255 10.0.0.0 0.255.255.255
 permit ip 10.0.0.0 0.255.255.255 any
 permit ip any 10.0.0.0 0.255.255.255
 deny ip any any

Of course, if I could have the router announce routes to itself across the VRF<->global interface with RIP2 or OSPF that would be even better, making it easier to mix in non-natted IP addresses with the natted one in the NAT VRF.

Should I even bother trying?

Joe