[c-nsp] routing between VRF and global

Daniska Tomas Tomas.Daniska at soitron.com
Tue Aug 3 15:41:04 EDT 2010


Chris, Jeff, *

have you managed this to work being CEF switched? Couldn't get past process path when I tried lately

--

deejay


> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Chris Mason
> Sent: Wednesday, July 28, 2010 6:26 PM
> To: Jeff Bacon
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] routing between VRF and global
> 
> > Which means the only real option is a "GRE internal hairpin". Except I
> > can't see how you would implement a tunnel with both endpoints are on
> > the same device - and even if you could, is that the sort of
> > configuration you'd want other people to see?
> 
> I am not sure if this helps you or whether it is supported on the
> 6500, but I have previously used the follow hack.
> This is definately a hack and will probably have performance issues as
> well as the GRE overhead on MTU, etc.
> 
> You create the following in the global table:
> 
> interface Loopback100
>  ip address 192.0.2.1 255.255.255.255
> !
> interface Tunnel100
>  ip address 192.0.2.129 255.255.255.252
>  tunnel source Loopback100
>  tunnel destination 192.0.2.2
> !
> 
> You create the following in the VRF table:
> 
> interface Loopback101
>  ip address 192.0.2.2 255.255.255.255
> !
> interface Tunnel101
>  ip vrf forwarding <VRF>
>  ip address 192.0.2.130 255.255.255.252
>  tunnel source Loopback101
>  tunnel destination 192.0.2.1
> !
> 
> You then run a dynamic routing protocol across the tunnel like OSPF
> for exampel:
> 
> router ospf 100
>  network 192.0.2.129 0.0.0.0 area <AREA>
> !
> router ospf 101 vrf <VRF>
>  network 192.0.2.130 0.0.0.0 area <AREA>
> !
> 
> The tunnel source and destination are between different loopbacks
> within the global table, but one end of the tunnel is within the
> global and one end within the VRF table. You might be able to NAT
> across the GRE tunnel.
> 
> /Chris
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list