[c-nsp] How to connect two VRFs on the same router? (without a loop-cable)

Paolo Lucente pl+list at pmacct.net
Sun Jul 22 05:56:41 EDT 2007 

Hi Gunther,

leaking routes between the global routing table and the VRF (and vice-versa
because otherwise you can't obtain bi-directional connectivity) could be
achieved by appointing some static routes, ie.

ip route vrf x <dest prefix> <dest prefix mask> <next-hop> global
ip route <vrf dest prefix> <vrf dest prefix mask> <interface> <vrf next-hop>

For a more realistic scenario, to this simple configuration you need to add
some kind of redistribution and take into account NATting if using private
addresses inside the VRF. 

Would agree with Christian such a solution could carry some drawbacks in some
solutions, say among the others sub-optimal routing, and should be carefully
evaluated before being deployed. 

Cheers,
Paolo

On Sun, Jul 22, 2007 at 10:54:04AM +0200, Gunther Stammwitz wrote:
> > -----Urspr?ngliche Nachricht-----
> > Von: Christian MacNevin [mailto:macnevin at google.com] 
> > Gesendet: Sonntag, 22. Juli 2007 05:48
> > An: Gunther Stammwitz
> > Cc: cisco-nsp at puck.nether.net
> > Betreff: Re: [c-nsp] How to connect two VRFs on the same 
> > router? (without a loop-cable)
> > 
> 
> Hello Christian!
> 
> Thanks for your reply. Please see below:
> 
> > Just leake route targets between them. If you want to do it 
> > only on the local router, then export all the routes you want 
> > into a new route target by adding the extended community 
> > through a route map, then import that same route target on 
> > the other side.
> Okay - that's what the other people told too and seems to be the right way.
> 
> > 
> > There's also some horrible vrf jumping into default routing 
> > table stuff people have been doing which frankly doesn't bear 
> > thinking about.
> > 
> ... But is is getting more complicated. In fact I'm only using one vrf and
> the default instance and want to export routes from the default instance
> into the vrf.
> 
> Would you have an example how to accomplish an export from the default
> instance into a vrf for me, please?
> 
> Thanks,
> Gunther
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list