What I am saying is that you have 200.200.200.0 routed to 10.10.10.2,
but the 200.200.200.0 network is physically connected to the router so
you don't have to route it. You should route whatever subnets lie after
the serial link. As a test take those two static routes out and see that
you can ping all interfaces. Then read on cisco.com about BGP ipv4 and
vpn4 address-family's. That will show you how to use BGP to redistribute
all your routes. The only static routes that should be on this chassis
are the ones that lie on your clients equipment ie. The clients Ethernet
range.
Hope this helps
Regards
Duane de Witt
Network Engineer
Siemens Business Services
Tel. +27 11 380 4740
Fax. +27 11 380 4710
-----Original Message-----
From: Tay Chee Yong [mailto:tcy@pacific.net.sg]
Sent: Monday, February 11, 2002 2:36 PM
To: Duane de Witt
Cc: cisco-nsp@puck.nether.net
Subject: RE: [nsp] Configuring VPN Routing/Forwarding
Hi Duane,
Yes. These interfaces are on the same chassis.
If I were to redistribute the subnets with BGP, then it will be
utilizing
the Serial Link (WAN Link). My customer's bandwidth is quite limited.
Inter-subnet traffic will cause the pipe to be used up pretty fast.
Please advise how can I redistribute the subnet with BGP. Thank you.
Regards,
Cheeyong
At 01:55 PM 2/11/02 +0200, Duane de Witt wrote:
>Are all of these interfaces on the same chassis? If so you are routing
>connected subnets which will cause problems.
>
>ip route vrf test1 200.200.200.0 255.255.255.0 10.10.10.2
>ip route vrf test2 100.100.100.0 255.255.255.0 10.10.10.1
>
>Both of these subnets are connected and should be redistributed by BGP.
>
>Am I interpreting this correctly?
>
>Regards
>
>Duane de Witt
>Network Engineer
>Siemens Business Services
>Tel. +27 11 380 4740
>Fax. +27 11 380 4710
>
>-----Original Message-----
>From: Tay Chee Yong [mailto:tcy@pacific.net.sg]
>Sent: Monday, February 11, 2002 12:38 PM
>To: Duane de Witt
>Cc: cisco-nsp@puck.nether.net
>Subject: RE: [nsp] Configuring VPN Routing/Forwarding
>
>Hi Duane,
>
>Here is my configuration, and some "show" statistics.
>Please advise.
>
>interface FastEthernet0/0
> no ip address
> duplex auto
> speed auto
>!
>interface FastEthernet0/0.1
> encapsulation isl 1
> ip vrf forwarding test2
> ip address 200.200.200.1 255.255.255.0
> no ip redirects
>!
>interface FastEthernet0/0.2
> encapsulation isl 2
> ip vrf forwarding test2
> ip address 10.10.10.2 255.255.255.0
> no ip redirects
>!
>interface Serial0/0
> ip vrf forwarding test1
> ip address 192.168.100.1 255.255.255.252
> no fair-queue
> clockrate 2000000
>!
>interface FastEthernet0/1
> no ip address
> duplex auto
> speed auto
>!
>interface FastEthernet0/1.1
> encapsulation isl 1
> ip vrf forwarding test1
> ip address 100.100.100.1 255.255.255.0
> no ip redirects
>!
>interface FastEthernet0/1.2
> encapsulation isl 2
> ip vrf forwarding test1
> ip address 10.10.10.1 255.255.255.0
> no ip redirects
>!
>interface Serial0/1
> ip vrf forwarding test2
> ip address 192.168.10.1 255.255.255.252
> clockrate 2000000
>!
>
>ip route vrf test1 200.200.200.0 255.255.255.0 10.10.10.2
>ip route vrf test2 100.100.100.0 255.255.255.0 10.10.10.1
>
>Router#traceroute vrf test1 200.200.200.1
>
>Type escape sequence to abort.
>Tracing the route to 200.200.200.1
>
> 1 * * *
> 2 *
>Router#sh ip route vrf test1 stati
>Router#sh ip route vrf test1 static
>S 200.200.200.0/24 [1/0] via 10.10.10.2
>
>Regards,
>Cheeyong
>
>At 12:03 PM 2/11/02 +0200, Duane de Witt wrote:
> >Try injecting the routes into both VRF's. If you do a traceroute vrf
>you
> >should see that the routing tables are causing the packets to take
that
> >path.
> >
> >Regards
> >
> >Duane de Witt
> >Network Engineer
> >Siemens Business Services
> >Tel. +27 11 380 4740
> >Fax. +27 11 380 4710
> >
> >-----Original Message-----
> >From: Tay Chee Yong [mailto:tcy@pacific.net.sg]
> >Sent: Monday, February 11, 2002 12:03 PM
> >To: cisco-nsp@puck.nether.net
> >Subject: [nsp] Configuring VPN Routing/Forwarding
> >
> >Hi there,
> >
> >Have anyone out there configured the above with any of your customers
>or
> >
> >clients??
> >
> >I have this scenario over here, and need some advise.
> >
> > vrf1 | | vrf2
> > S1/0 | | S1/1
> > ---------------------------
> > | Cisco 7206 |
> > ---------------------------
> > F1/0 | | F2/0
> > vrf1 | | vrf 2
> >
> >I had configured 2 vrf on the router, as shown above. It seems that
> >whenever I want to reach F2/0 from F1/0, it will always go out by
S1/0,
> >and
> >returned by S1/1 before reaching F2/0. This is bad, as it would
consume
> >the
> >WAN Link's bandwidth. I would like to have the inter-vrf traffic to
be
> >within the router. Any advise from you guys out there??
> >
> >Really appreciate it.
> >
> >Regards,
> >Cheeyong
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:04 EDT