[c-nsp] VRF-Lite Question

[Phil Mayers]

Jeff Kell wrote:
> Let me beat this dead horse once more, but slightly :-)
> 
> Phil Mayers wrote:
>> To repeat myself: lots of per-VRF L3 point-to-point SVIs and vlan 
>> tagging, lots of routing adjacencies. That's the only way you'll
>> get this done on 3550/3750s. They're limited platforms.
>> 
>> We have a lot as outlying site routers, and I've done extensive 
>> investigation of how we could least-effort link them into our shiny
>> 6500 network. The answer is, a lot of typing.
> 
> OK, I've conceded the "lots of typing" solution at the 3550/3750 CE
> end.  What about at the PE?

Assuming you don't want to route between the VRFs at that point (you 
would normally want to take them to an access router or firewall) then 
no - again, lots of typing.

> 
> Could the 6500 (PE end) then use L3 subinterfaces, rather than
> SVIs/vlans?  You still need unique vlans for each CE P2P at the PE at
> this rate unless I'm missing something (encap dot1q xxxx reserves
> vlanID).

Yes. Sub-ints versus vlans on a stock 6500 buys you very little. I 
wouldn't bother personally.

> 
> Can you mesh them on a common vlan?  x.x.x.1/28 SVI at the PE, CEs
> use x.x.x.2/28, x.x.x.3/28, etc?

If you do that, the VRFs will be inter-connected via the PE. If that's 
what you want to do, sure, but I'm sure you don't else you would not 
bother using VRFs at all.

One more thing to be aware of - the 3550s and 3750s do not at this time 
support multicast inside VRFs. Only the root/default VRF supports it. 
There is road-mapped support for multicast VRF-lite on 3750s at least - 
not sure about 3550s given they're EoS.