[c-nsp] routing between VRF and global
Chris Mason
chris at noodles.org.uk
Wed Jul 28 12:25:34 EDT 2010
> Which means the only real option is a "GRE internal hairpin". Except I
> can't see how you would implement a tunnel with both endpoints are on
> the same device - and even if you could, is that the sort of
> configuration you'd want other people to see?
I am not sure if this helps you or whether it is supported on the
6500, but I have previously used the follow hack.
This is definately a hack and will probably have performance issues as
well as the GRE overhead on MTU, etc.
You create the following in the global table:
interface Loopback100
ip address 192.0.2.1 255.255.255.255
!
interface Tunnel100
ip address 192.0.2.129 255.255.255.252
tunnel source Loopback100
tunnel destination 192.0.2.2
!
You create the following in the VRF table:
interface Loopback101
ip address 192.0.2.2 255.255.255.255
!
interface Tunnel101
ip vrf forwarding <VRF>
ip address 192.0.2.130 255.255.255.252
tunnel source Loopback101
tunnel destination 192.0.2.1
!
You then run a dynamic routing protocol across the tunnel like OSPF
for exampel:
router ospf 100
network 192.0.2.129 0.0.0.0 area <AREA>
!
router ospf 101 vrf <VRF>
network 192.0.2.130 0.0.0.0 area <AREA>
!
The tunnel source and destination are between different loopbacks
within the global table, but one end of the tunnel is within the
global and one end within the VRF table. You might be able to NAT
across the GRE tunnel.
/Chris
More information about the cisco-nsp
mailing list