[c-nsp] VRF-lite to do L3 passthru

Rodney Dunn rodunn at cisco.com
Sun Jul 26 00:18:05 EDT 2009


It's just that simple. ;)

The problem comes if you want the routing table separation at multiple 
hops in a network. It usually doesn't scale to do VRF lite on every hop 
because it would be a configuration challenge.

But if it's just to differentiate the RIB on one box what you have will 
do it.

Or, depending on where you want to dump the VLAN out, you may look at an 
L2TPv3 xconnect (you have to get the hardware to support it though) and 
carry it L2 all the way through the IP network. I'd say EoMPLS but you 
need MPLS for that.

Rodney



Jeff Bacon wrote:
> So, I have this dot1q trunk on which I receive a bunch of vlans, each of
> which is its own P-T-P circuit to <somewhere>. It's connected to a
> 6500/sup720. 
> 
> Currently I bring it in as a dot1q trunk on a switchport, map the VLANs,
> and then use SVIs to handle layer-3. 
> 
> However, I would really like to pass off some of the circuits to other
> devices, without the 6500's global RIB being involved. (The 6500 is one
> of my edge devices that I use to connect to a bunch of other vendors,
> and it along with its twin do lots of stuff. But then there's other
> activities - imagine, say, I want to run an internal WAN link over the
> trunk. I don't want to have to clutter the 6500's global RIB with my
> internal routes just to pass the link through it.) 
> 
> This seems like what VRF-lite is meant to do. Only the docs appear all
> sort of skewed towards MPLS VPN implementations and BGP, and I'm not
> doing MPLS tag switching here, or BGP. I guess I just want mini virtual
> router instances running EIGRP to tie <this incoming dot1q VLAN> to
> <this other port> so I can spin off some of the incoming VLANs/ckts to
> the other devices they're meant for. 
> 
> (This is about cost - I can have each ckt be its own port off the
> provider's equipment and thus have every ckt go to the device intended,
> but that's an additional $150-300/mo xconnect charge from my co-lo
> provider plus I get bulk discounts from the provider by bringing
> everything in on a gig trunk - they don't have to chew up as many ports
> on their equipment.)
> 
> I think I get the basic idea - 
> 
> vrf fred
>   rd 1:2
> router eigrp 20
>   network 20.0.0.0
>   address-family fred
>      network 10.0.0.0
>      no auto-summary
> int g2/1
>    desc dot1q trunk from provider
> int g2/1.2000
>    desc incoming ckt I need to go somewhere else
>    encap dot1q 2000 
>    ip vrf fred 
>    ip address 10.5.5.2 255.255.255.252
> int g2/1.3000
>    desc incoming ckt that the 6500 should deal with
>    encap dot1q 3000
>    ip address 20.1.1.1 255.255.255.252
>    other normal stuff 
> int g4/3
>    desc port to some-other-router
>    ip vrf fred
>    ip address 10.4.4.2 255.255.255.252 
> 
> is it really that simple? Will VRF-lite work without actually using BGP
> or MPLS? Are there docs somewhere in the Cisco spiderweb which are
> clearer on the topic than the ones which are part of the SX doc train?
> 
> Thanks,
> -bacon
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
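
The sketch quoted above, written out in full classic IOS syntax as an added example; it is not from either poster. It assumes the provider-facing port can be a routed port and that AS 20 is reused inside the VRF; the names and addresses are those of the quoted sketch.

```cisco
! Added example: VRF-lite on one box, with no MPLS and no BGP.
! The RD is locally significant here, but IOS requires one before
! the VRF can be used.
ip vrf fred
 rd 1:2
!
interface GigabitEthernet2/1
 description dot1q trunk from provider
 no switchport
!
! Circuit handed off to another device: lives only in VRF fred.
! "ip vrf forwarding" removes any IP address already on the
! interface, so the address is configured after it.
interface GigabitEthernet2/1.2000
 description incoming ckt I need to go somewhere else
 encapsulation dot1Q 2000
 ip vrf forwarding fred
 ip address 10.5.5.2 255.255.255.252
!
! Circuit the 6500 itself terminates: stays in the global table.
interface GigabitEthernet2/1.3000
 description incoming ckt that the 6500 should deal with
 encapsulation dot1Q 3000
 ip address 20.1.1.1 255.255.255.252
!
interface GigabitEthernet4/3
 description port to some-other-router
 ip vrf forwarding fred
 ip address 10.4.4.2 255.255.255.252
!
router eigrp 20
 network 20.0.0.0
 !
 ! Per-VRF EIGRP instance; the AS number inside the VRF is assumed.
 address-family ipv4 vrf fred
  autonomous-system 20
  network 10.0.0.0
  no auto-summary
 exit-address-family
!
! Checks that the separation holds:
!   show ip vrf interfaces   (g2/1.2000 and g4/3 listed under fred)
!   show ip route vrf fred   (10.x routes present)
!   show ip route            (no 10.4.4.0/30 or 10.5.5.0/30 in global)
```

The separation exists only as long as nothing leaks routes between the VRF and the global table, so the last `show ip route` check is the one to repeat after later changes.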

