hi Chee Yong,
Since everything is on a single router (we call this vrf-lite :), you
don't even need to meddle with BGP. Just do the appropriate route-target
import and route-target export for the vrfs. If you need to selectively
import and export routes, just attach a route-map to the route-target
command.
regards,
Lim Fung
Duane de Witt wrote:
>
> What I am saying is that you have 200.200.200.0 routed to 10.10.10.2,
> but the 200.200.200.0 network is physically connected to the router so
> you don't have to route it. You should route whatever subnets lie after
> the serial link. As a test take those two static routes out and see that
> you can ping all interfaces. Then read on cisco.com about BGP ipv4 and
> vpn4 address-family's. That will show you how to use BGP to redistribute
> all your routes. The only static routes that should be on this chassis
> are the ones that lie on your clients equipment ie. The clients Ethernet
> range.
>
> Hope this helps
>
> Regards
>
> Duane de Witt
> Network Engineer
> Siemens Business Services
> Tel. +27 11 380 4740
> Fax. +27 11 380 4710
>
> -----Original Message-----
> From: Tay Chee Yong [mailto:tcy@pacific.net.sg]
> Sent: Monday, February 11, 2002 2:36 PM
> To: Duane de Witt
> Cc: cisco-nsp@puck.nether.net
> Subject: RE: [nsp] Configuring VPN Routing/Forwarding
>
> Hi Duane,
>
> Yes. These interfaces are on the same chassis.
>
> If I were to redistribute the subnets with BGP, then it will be
> utilizing
> the Serial Link (WAN Link). My customer's bandwidth is quite limited.
> Inter-subnet traffic will cause the pipe to be used up pretty fast.
>
> Please advise how can I redistribute the subnet with BGP. Thank you.
>
> Regards,
> Cheeyong
>
> At 01:55 PM 2/11/02 +0200, Duane de Witt wrote:
> >Are all of these interfaces on the same chassis? If so you are routing
> >connected subnets which will cause problems.
> >
> >ip route vrf test1 200.200.200.0 255.255.255.0 10.10.10.2
> >ip route vrf test2 100.100.100.0 255.255.255.0 10.10.10.1
> >
> >Both of these subnets are connected and should be redistributed by BGP.
> >
> >Am I interpreting this correctly?
> >
> >Regards
> >
> >Duane de Witt
> >Network Engineer
> >Siemens Business Services
> >Tel. +27 11 380 4740
> >Fax. +27 11 380 4710
> >
> >-----Original Message-----
> >From: Tay Chee Yong [mailto:tcy@pacific.net.sg]
> >Sent: Monday, February 11, 2002 12:38 PM
> >To: Duane de Witt
> >Cc: cisco-nsp@puck.nether.net
> >Subject: RE: [nsp] Configuring VPN Routing/Forwarding
> >
> >Hi Duane,
> >
> >Here is my configuration, and some "show" statistics.
> >Please advise.
> >
> >interface FastEthernet0/0
> > no ip address
> > duplex auto
> > speed auto
> >!
> >interface FastEthernet0/0.1
> > encapsulation isl 1
> > ip vrf forwarding test2
> > ip address 200.200.200.1 255.255.255.0
> > no ip redirects
> >!
> >interface FastEthernet0/0.2
> > encapsulation isl 2
> > ip vrf forwarding test2
> > ip address 10.10.10.2 255.255.255.0
> > no ip redirects
> >!
> >interface Serial0/0
> > ip vrf forwarding test1
> > ip address 192.168.100.1 255.255.255.252
> > no fair-queue
> > clockrate 2000000
> >!
> >interface FastEthernet0/1
> > no ip address
> > duplex auto
> > speed auto
> >!
> >interface FastEthernet0/1.1
> > encapsulation isl 1
> > ip vrf forwarding test1
> > ip address 100.100.100.1 255.255.255.0
> > no ip redirects
> >!
> >interface FastEthernet0/1.2
> > encapsulation isl 2
> > ip vrf forwarding test1
> > ip address 10.10.10.1 255.255.255.0
> > no ip redirects
> >!
> >interface Serial0/1
> > ip vrf forwarding test2
> > ip address 192.168.10.1 255.255.255.252
> > clockrate 2000000
> >!
> >
> >ip route vrf test1 200.200.200.0 255.255.255.0 10.10.10.2
> >ip route vrf test2 100.100.100.0 255.255.255.0 10.10.10.1
> >
> >Router#traceroute vrf test1 200.200.200.1
> >
> >Type escape sequence to abort.
> >Tracing the route to 200.200.200.1
> >
> > 1 * * *
> > 2 *
> >Router#sh ip route vrf test1 stati
> >Router#sh ip route vrf test1 static
> >S 200.200.200.0/24 [1/0] via 10.10.10.2
> >
> >Regards,
> >Cheeyong
> >
> >At 12:03 PM 2/11/02 +0200, Duane de Witt wrote:
> > >Try injecting the routes into both VRF's. If you do a traceroute vrf
> >you
> > >should see that the routing tables are causing the packets to take
> that
> > >path.
> > >
> > >Regards
> > >
> > >Duane de Witt
> > >Network Engineer
> > >Siemens Business Services
> > >Tel. +27 11 380 4740
> > >Fax. +27 11 380 4710
> > >
> > >-----Original Message-----
> > >From: Tay Chee Yong [mailto:tcy@pacific.net.sg]
> > >Sent: Monday, February 11, 2002 12:03 PM
> > >To: cisco-nsp@puck.nether.net
> > >Subject: [nsp] Configuring VPN Routing/Forwarding
> > >
> > >Hi there,
> > >
> > >Have anyone out there configured the above with any of your customers
> >or
> > >
> > >clients??
> > >
> > >I have this scenario over here, and need some advise.
> > >
> > > vrf1 | | vrf2
> > > S1/0 | | S1/1
> > > ---------------------------
> > > | Cisco 7206 |
> > > ---------------------------
> > > F1/0 | | F2/0
> > > vrf1 | | vrf 2
> > >
> > >I had configured 2 vrf on the router, as shown above. It seems that
> > >whenever I want to reach F2/0 from F1/0, it will always go out by
> S1/0,
> > >and
> > >returned by S1/1 before reaching F2/0. This is bad, as it would
> consume
> > >the
> > >WAN Link's bandwidth. I would like to have the inter-vrf traffic to
> be
> > >within the router. Any advise from you guys out there??
> > >
> > >Really appreciate it.
> > >
> > >Regards,
> > >Cheeyong
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:32 EDT