[c-nsp] Routing between VRF and non-VRF
Joe Maimon
jmaimon at ttec.com
Fri Jun 20 04:43:41 EDT 2008
Garry wrote:
> Maybe I'm missing something here, but what's the "right" way of routing
> between VRF and non-VRF interfaces?
In my opinion, by being able to define a physical or logical interface
between them.
Which you can currently, at cost of handling the packet twice. Which is
silly, but you may be willing to pay that cost for your expected return.
Either with tunnels, or with any other two ethernet interface, two atm
interfaces. One side is in one vrf and the other in another or global.
You can route, you can nat, you can firewall, you can ACL, you can
account, you can graph, you treat it as an interface.
> I've tried different things to keep the actual
> transition between VRF and non-VRF on the same router
This works fairly well as proof of concept
ip vrf red
ip vrf blue
int l0
ip address 10.1.1.1 255.255.255.255
int l1
ip address 10.1.1.2 255.255.255.255
int t0
tun sou l0
tun dest 10.1.1.2
ip vrf forwarding red
ip address 10.2.1.1 255.255.255.252
int t1
tun sou l1
tun dest 10.1.1.1
ip vrf forwarding blue
ip address 10.2.1.2 255.255.255.252
More information about the cisco-nsp
mailing list