[c-nsp] Half duplex VRF

Hitesh Vinzoda vinzoda.hitesh at gmail.com
Thu Oct 11 01:45:52 EDT 2012 

Hi Arie,

This is already in place and the virtual-access interfaces belongs to this
vrf and so do their PPP host router.

This routes are not visible in upstream vrt U which is great but these
routes do appear in Downstream vrf D so that is the reason they route
locally and doesnt go towards hub CE.

The illustrations that i have seen before have CE sites connected on
different PE routers whereas in my case the CE routers are connected to
same PE and hence we want to avoid local routing on the LNS.

Please let me know your thoughts over this.

Thanks
Hitesh

On Wed, Oct 10, 2012 at 11:27 PM, Arie Vayner (avayner)
<avayner at cisco.com>wrote:

>  So basically your PPP connections are in the global routing table…****
>
> What is the profile you are downloading from RADIUS (debug radius) for
> them?****
>
> ** **
>
> You most likely should be downloading the “ip vrf forwarding U downstream
> D” command using the RADIUS attribute “lcp:interface-config=ip vrf
> forwarding U downstream D”…****
>
>
> http://www.cisco.com/en/US/docs/ios/12_3/feature/guide/ghdpvrf.html#wp1099907
> ****
>
> ** **
>
> Arie****
>
> ** **
>
> *From:* Hitesh Vinzoda [mailto:vinzoda.hitesh at gmail.com]
> *Sent:* Wednesday, October 10, 2012 00:44
>
> *To:* Arie Vayner (avayner)
> *Cc:* Cisco Mailing list
> *Subject:* Re: [c-nsp] Half duplex VRF****
>
> ** **
>
> Hi Arie,****
>
> ** **
>
> Below is the desired excerpt. We can't see the VRF config being applied to
> the interfaces but its visible in "show ip int virtual-access". I have
> tried two different way in RADIUS attributes but the results are the same.
> ****
>
> ** **
>
> LNS#show ppp all****
>
> Interface/ID OPEN+ Nego* Fail-     Stage    Peer Address    Peer Name****
>
> ------------ --------------------- -------- ---------------
> --------------------****
>
> Vi4          LCP+ CHAP+ IPCP+      LocalT   192.168.254.200 \****
>
> spoke at cerberusnetworks.co.uk****
>
> Vi3          LCP+ CHAP+ IPCP+      LocalT   192.168.254.100 \****
>
> mpls at cerberusnetworks.co.uk****
>
> LNS#show run int vir****
>
> LNS#show run int virtual-acc****
>
> LNS#show run int virtual-access 3****
>
> Building configuration...****
>
> ** **
>
> Current configuration : 78 bytes****
>
> !****
>
> interface Virtual-Access3****
>
>  ip mtu 1492****
>
>  ip verify unicast reverse-path****
>
> end****
>
> ** **
>
> LNS#show run int virtual-access 4****
>
> Building configuration...****
>
> ** **
>
> Current configuration : 78 bytes****
>
> !****
>
> interface Virtual-Access4****
>
>  ip mtu 1492****
>
>  ip verify unicast reverse-path****
>
> end****
>
> =================****
>
> ** **
>
> LNS#show ip int virtual-access 3****
>
> Virtual-Access3 is up, line protocol is up****
>
>   Interface is unnumbered. Using address of Loopback2 (2.2.2.1)****
>
>   Broadcast address is 255.255.255.255****
>
>   Peer address is 192.168.254.100****
>
>   MTU is 1492 bytes****
>
>   Helper address is not set****
>
>   Directed broadcast forwarding is disabled****
>
>   Outgoing access list is not set****
>
>   Inbound  access list is not set****
>
>   Proxy ARP is enabled****
>
>   Local Proxy ARP is disabled****
>
>   Security level is default****
>
>   Split horizon is enabled****
>
>   ICMP redirects are always sent****
>
>   ICMP unreachables are always sent****
>
>   ICMP mask replies are never sent****
>
>   IP fast switching is enabled****
>
>   IP Flow switching is disabled****
>
>   IP CEF switching is enabled****
>
>   IP CEF switching turbo vector****
>
>   IP CEF turbo switching turbo vector****
>
>   VPN Routing/Forwarding "U"****
>
>   Downstream VPN Routing/Forwarding "D"****
>
>   Associated unicast routing topologies:****
>
>     ipv4 topologies in downstream VRF "D" :****
>
>         Topology "base", operation state is UP****
>
>     ipv4 topologies in upstream(forwarding) VRF "U":****
>
>         Topology "base", operation state is UP****
>
> ===============================================****
>
> Thanks****
>
> Hitesh****
>
> ** **
>
> On Tue, Oct 9, 2012 at 9:52 PM, Arie Vayner (avayner) <avayner at cisco.com>
> wrote:****
>
> Hitesh, how does your virtual-access look like for the spokes?****
>
> Can you please share the “show run interface virtual-access xx” for the
> spokes?****
>
>  ****
>
> Tnx****
>
> Arie****
>
>  ****
>
> *From:* Hitesh Vinzoda [mailto:vinzoda.hitesh at gmail.com]
> *Sent:* Tuesday, October 09, 2012 09:05
> *To:* Arie Vayner (avayner)
> *Cc:* Cisco Mailing list
> *Subject:* Re: [c-nsp] Half duplex VRF****
>
>  ****
>
> Hi Arie,****
>
>  ****
>
> I have attached topology, .Net file and configs of related devices. R8 and
> R9 are simulating spokes whereas Internet-RTR is simulating Hub.****
>
>  ****
>
> Cheers****
>
>  ****
>
> Hitesh****
>
> On Tue, Oct 9, 2012 at 8:37 PM, Arie Vayner (avayner) <avayner at cisco.com>
> wrote:****
>
> Hitesh, can you maybe share some of your configs?
> Arie****
>
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:
> cisco-nsp-bounces at puck.nether.net] On Behalf Of Hitesh Vinzoda
> Sent: Tuesday, October 09, 2012 07:04
> To: Cisco Mailing list
> Subject: [c-nsp] Half duplex VRF
>
> I am trying to setup half duplex vrf to save vrf's on the LNS. Does anyone
> has working configuration for spokes and Hub connected on the same PE
> router i.e. LNS. So far i able to export-import the routes but the traces
> from one spoke to other goes directly via LNS instead of via Hub.
>
> Please advise.
>
> TIA
> Hitesh****
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/****
>
>  ****
>
> ** **
>

More information about the cisco-nsp mailing list