[c-nsp] routing between VRF and global
Daniska Tomas
Tomas.Daniska at soitron.com
Tue Aug 3 15:41:04 EDT 2010
Chris, Jeff, *
have you managed this to work being CEF switched? Couldn't get past process path when I tried lately
--
deejay
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Chris Mason
> Sent: Wednesday, July 28, 2010 6:26 PM
> To: Jeff Bacon
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] routing between VRF and global
>
> > Which means the only real option is a "GRE internal hairpin". Except I
> > can't see how you would implement a tunnel with both endpoints are on
> > the same device - and even if you could, is that the sort of
> > configuration you'd want other people to see?
>
> I am not sure if this helps you or whether it is supported on the
> 6500, but I have previously used the follow hack.
> This is definately a hack and will probably have performance issues as
> well as the GRE overhead on MTU, etc.
>
> You create the following in the global table:
>
> interface Loopback100
> ip address 192.0.2.1 255.255.255.255
> !
> interface Tunnel100
> ip address 192.0.2.129 255.255.255.252
> tunnel source Loopback100
> tunnel destination 192.0.2.2
> !
>
> You create the following in the VRF table:
>
> interface Loopback101
> ip address 192.0.2.2 255.255.255.255
> !
> interface Tunnel101
> ip vrf forwarding <VRF>
> ip address 192.0.2.130 255.255.255.252
> tunnel source Loopback101
> tunnel destination 192.0.2.1
> !
>
> You then run a dynamic routing protocol across the tunnel like OSPF
> for exampel:
>
> router ospf 100
> network 192.0.2.129 0.0.0.0 area <AREA>
> !
> router ospf 101 vrf <VRF>
> network 192.0.2.130 0.0.0.0 area <AREA>
> !
>
> The tunnel source and destination are between different loopbacks
> within the global table, but one end of the tunnel is within the
> global and one end within the VRF table. You might be able to NAT
> across the GRE tunnel.
>
> /Chris
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list