VRF Lite

From IPFlow Netflow Collector

VRF Lite Example

This is a simple example of VRF Lite configuration on Cisco routers (using Dynamips and GNS3).

Author: Christophe Fillot - 06-Nov-2007


Table of contents
1 Topology
2 IOS configurations
3 Dynamips/Dynagen/GNS3 configuration
4 Description
5 Configuration
6 R1 Routing tables
7 R3 Routing tables
[edit]

Topology

Image:VRF_Lite_topo.png


[edit]

IOS configurations

  • R0 (http://www.ipflow.utc.fr/configs/VRF_Lite/R0.cfg)
  • R1 (http://www.ipflow.utc.fr/configs/VRF_Lite/R1.cfg)
  • R2 (http://www.ipflow.utc.fr/configs/VRF_Lite/R2.cfg)
  • R3 (http://www.ipflow.utc.fr/configs/VRF_Lite/R3.cfg)


[edit]

Dynamips/Dynagen/GNS3 configuration

You can use this configuration file (http://www.ipflow.utc.fr/configs/VRF_Lite/vrf_lite.net) directly with Dynagen or GNS3. Change the working directory and Cisco IOS image path to match your needs.


[edit]

Description

As you can see, you can use VRF without MPLS on a network. It is very useful when you want to deploy network virtualization on the campus, as explained in this Cisco document (http://www.cisco.com/en/US/netsol/ns658/netbr0900aecd804a17db.html) ("VRF as an End-to-End Solution")


[edit]

Configuration

  • Routers R0, R1 and R2 exchange VPN routes with OSPF ;
  • Routers R1 and R3 exchange routes with EIGRP.


There is an example of route redistribution between OSPF and EIGRP on router R1: 

router eigrp 100
 no auto-summary
 !
 address-family ipv4 vrf VPN3
  redistribute ospf 30 vrf VPN3 metric 100000 100 255 1 1500
  network 100.30.3.0 0.0.0.255
  no auto-summary
  autonomous-system 100
 exit-address-family
 !        
 address-family ipv4 vrf VPN2
  redistribute ospf 20 vrf VPN2 metric 100000 100 255 1 1500
  network 100.20.3.0 0.0.0.255
  no auto-summary
  autonomous-system 100
 exit-address-family
 !        
 address-family ipv4 vrf VPN1
  redistribute ospf 10 vrf VPN1 metric 100000 100 255 1 1500
  network 100.10.3.0 0.0.0.255
  no auto-summary
  autonomous-system 100
 exit-address-family
!         
router ospf 10 vrf VPN1
 log-adjacency-changes
 redistribute eigrp 100 subnets
 network 100.10.0.0 0.0.255.255 area 0
!         
router ospf 20 vrf VPN2
 log-adjacency-changes
 redistribute eigrp 100 subnets
 network 100.20.0.0 0.0.255.255 area 0
!         
router ospf 30 vrf VPN3
 log-adjacency-changes
 redistribute eigrp 100 subnets
 network 100.30.0.0 0.0.255.255 area 0
!


[edit]

R1 Routing tables

Global routing table: 

R1#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set


VPN1 routing table: 

R1#sh ip ro vrf VPN1

Routing Table: VPN1
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     100.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
C       100.10.2.0/30 is directly connected, FastEthernet1/0.10
O       100.10.0.2/32 [110/2] via 100.10.2.2, 00:50:51, FastEthernet1/0.10
C       100.10.3.0/30 is directly connected, FastEthernet2/0.10
D       100.10.0.3/32 [90/156160] via 100.10.3.2, 00:39:46, FastEthernet2/0.10
O       100.10.0.0/32 [110/2] via 100.10.1.1, 00:50:51, FastEthernet0/0.10
C       100.10.1.0/30 is directly connected, FastEthernet0/0.10
C       100.10.0.1/32 is directly connected, Loopback100


[edit]

R3 Routing tables

Global routing table: 

R3#sh ip ro      
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set


VPN1 routing table: 

R3#sh ip ro vrf VPN1

Routing Table: VPN1
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     100.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
D EX    100.10.2.0/30 [170/53760] via 100.10.3.1, 00:30:00, FastEthernet0/0.10
D EX    100.10.0.2/32 [170/53760] via 100.10.3.1, 00:30:00, FastEthernet0/0.10
C       100.10.3.0/30 is directly connected, FastEthernet0/0.10
C       100.10.0.3/32 is directly connected, Loopback100
D EX    100.10.0.0/32 [170/53760] via 100.10.3.1, 00:30:00, FastEthernet0/0.10
D EX    100.10.1.0/30 [170/53760] via 100.10.3.1, 00:30:00, FastEthernet0/0.10
D EX    100.10.0.1/32 [170/53760] via 100.10.3.1, 00:30:00, FastEthernet0/0.10
Retrieved from "http://www.ipflow.utc.fr/index.php/VRF_Lite"