In its simplest form VRF is a way of creating separate forwarding instances and routing tables on a single router. Different customers can then connect to the same router via different interfaces and all traffic is kept separate. Different customer can even have overlapping address spaces because each VRF gets its own routing table.
The configuration below was created in GNS3, the routers are 2961s and the IOS version used is: c2691-adventerprisek9-mz.124-25d.bin.
I have only included the config for R3 here as that is the thing doing the VRF bit. There is nothing unusual about the configs for the other routers - to them they are not aware that VRF is taking place. R1 and R4 are part of Site_A and R2 and R5 are part of Site_B. Irrelevant bits of the R3 config have been omitted for brevity.
!
hostname R3
!
ip cef
!
!
! Create two VRF instances for our two sites with different route distinguishers
ip vrf Site_A
rd 100:1
!
ip vrf Site_B
rd 100:2
!
! This interface is in VRF Site_A
interface FastEthernet0/0
ip vrf forwarding Site_A
ip address 10.0.0.254 255.255.255.0
duplex auto
speed auto
!
! This interface is in VRF Site_B
interface Serial0/0
ip vrf forwarding Site_B
ip address 10.0.1.254 255.255.255.0
clock rate 8000000
!
! This interface is in VRF Site_A
interface FastEthernet0/1
ip vrf forwarding Site_A
ip address 192.168.0.254 255.255.255.0
duplex auto
speed auto
!
! This interface is in VRF Site_B - note how it uses the same address as Fa0/1
interface FastEthernet1/0 ip vrf forwarding Site_B
ip address 192.168.0.254 255.255.255.0
speed 100
full-duplex
!
! We enable EIGRP for Site_A, note how the majority of the configuration now goes under
! "address-family ipv4" section
router eigrp 1 auto-summary
!
address-family ipv4 vrf Site_A
network 10.0.0.0
network 192.168.0.0
no auto-summary
autonomous-system 1
exit-address-family
!
! We enable OSPF for Site_B - looks a bit different than the EIGRP bit doesn't it?
router ospf 1 vrf Site_B
log-adjacency-changes
network 10.0.1.0 0.0.0.255 area 0
network 192.168.0.0 0.0.0.255 area 0
!
!
end
That is it for the config side of thing. Some show commands to illustrate the point:
Show ip route on the router shows no routes, not even connected ones, this is because all interfaces are part of a VRF so the global routing table has no visibility of them.
R3#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
R3#
Ah, this is more like it - now we can see all the routes for Site_A VRF including connected interfaces. Note the "D" showing that we have EIGRP learned routes
R3#sh ip ro vrf Site_A
Routing Table: Site_A
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
D 4.4.4.4 [90/409600] via 192.168.0.1, 01:01:18, FastEthernet0/1
10.0.0.0/24 is subnetted, 1 subnets
C 10.0.0.0 is directly connected, FastEthernet0/0
C 192.168.0.0/24 is directly connected, FastEthernet0/1
We see something similar for Site_B, note the "O" for OSPF learned routes
R3#sh ip ro vrf Site_B
Routing Table: Site_B
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/2] via 192.168.0.1, 00:46:17, FastEthernet1/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.0.1.0 is directly connected, Serial0/0
C 192.168.0.0/24 is directly connected, FastEthernet1/0
Show ip EIGRP neighbours on R3 shows no neighbours, again because they are part of the VRF rather than global to the router (am I labouring the point a bit..?)
R3#sh ip eigrp neighbors
IP-EIGRP neighbors for process 1
Here they are:
R3#sh ip eigrp vrf Site_A neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 10.0.0.1 Fa0/0 11 01:03:41 206 1236 0 15
0 192.168.0.1 Fa0/1 14 01:09:27 41 246 0 8
This is a handy command too:
R3#sh ip vrf interfaces
Interface IP-Address VRF Protocol
Fa0/1 192.168.0.254 Site_A up
Fa0/0 10.0.0.254 Site_A up
Fa1/0 192.168.0.254 Site_B up
Se0/0 10.0.1.254 Site_B up
No comments:
Post a Comment