"When I have a CE and have segmented multiple customers off of this CE, how
does the uplink / PE know which traffic goes to and from each customer VRF?
I need to inform the PE of which routes to send to the CE and to which VRF
... perhaps this is not possible w/ VRF lite."
The answer is in Ploter email.....as u see in the above example that
he has created the same vrfs in both the routres....if u have more
than one router u need to create the vrfs fro each one of them....
The example uses separate interfaces bw the routers for vrf
communication....but if u have a scenario like this in real the best
option is to go for sub interfaces bw the routers and defineing each
of them in a vrf....
check this...suppose i do the following changes in the config,
R1
interface FastEthernet0/0
ip vrf forwarding CUST1
R2
interface FastEthernet0/0
ip vrf forwarding CUST2
Forget the IP address and rip config......logically wen R1 sends CUST1
routes on F0/0 interface to R2 ...it will appear in R2 as CUST2
routes.....u agree?
i hope this clarifies ...
On Wed, Sep 16, 2009 at 7:04 AM, ALL From_NJ <all.from.nj_at_gmail.com> wrote:
> Many thanks for this. Ok, simple enough ... I appreciate you both writing
> such a good post.
>
> Question though related to internet access and multiple sites.
>
> Lets say we have R1 and R2, just as you have them above. How does each
> router know to keep traffic for each VRF? I do not see labels being used in
> the configs you provide ...
>
> It appears that VRF lite requires dedicated links for forwarding and keeping
> the route updates separate.
>
> I know I am mixing technologies here with this next question, but just
> curious about this ...
>
> When I have a CE and have segmented multiple customers off of this CE, how
> does the uplink / PE know which traffic goes to and from each customer VRF?
> I need to inform the PE of which routes to send to the CE and to which VRF
> ... perhaps this is not possible w/ VRF lite.
>
> Joe - I would imagine that VRF Lite works well with dot1x sub interfaces.
>
> The link I found previously, was somewhat of a mix of regular MPLS VPNS, and
> CSC ... where the CSC configs required the sending of labels, and treated
> this CE device like a customer PE
>
> Understand my confusion when I was reading this? ;-)
>
> VRF lite reminds me a little of private VLANs ... these are similar IMO.
> Although ... w/ VRF lite, I do not see the configuration of a promiscuous
> port ... how to uplink multiple customer VRFs?
>
> Also, on a side note, this would be an odd thing to add to the lab IMO
> ...
>
> Many TIA,
>
> Andrew
>
>
>
> On Tue, Sep 15, 2009 at 4:37 PM, Joe Astorino <jastorino_at_ipexpert.com>wrote:
>
>> The way I understand it, VRF-Lite is basically VRFs but without the BGP to
>> transport the routes. Also, there seems to be a stressing of using switches
>> to trunk to router sub-interfaces for different VRFs.
>>
>>
>> On Tue, Sep 15, 2009 at 4:28 PM, Piotr Matusiak <piotr_at_ccie1.com> wrote:
>>
>>> Hi,
>>>
>>> Believe me or not, but for me VRF lite is only 3-commands feature:
>>> #ip vrf <name>
>>> #rd <asn:nn>
>>> #ip vrf forwarding <name>
>>>
>>> Rest of commands only support prefixes delivery in my opinion.
>>> Take a look at the following config and decide if this is VRF Lite or not
>>> :)
>>>
>>> Topo: R1 ==== R2 (two links, each in separate VRF)
>>>
>>> R1 config:
>>>
>>> ip vrf CUST1
>>> rd 1:1
>>> !
>>> ip vrf CUST2
>>> rd 2:2
>>>
>>> interface Loopback0
>>> ip vrf forwarding CUST1
>>> ip address 1.1.1.1 255.255.255.0
>>> !
>>> interface Loopback1
>>> ip vrf forwarding CUST2
>>> ip address 11.11.11.11 255.255.255.0
>>> !
>>> interface FastEthernet0/0
>>> ip vrf forwarding CUST1
>>> ip address 10.1.12.1 255.255.255.0
>>> !
>>> interface FastEthernet0/1
>>> ip vrf forwarding CUST2
>>> ip address 10.1.21.1 255.255.255.0
>>> !
>>> router rip
>>> version 2
>>> no auto-summary
>>> !
>>> address-family ipv4 vrf CUST2
>>> network 10.0.0.0
>>> network 11.0.0.0
>>> no auto-summary
>>> exit-address-family
>>> !
>>> address-family ipv4 vrf CUST1
>>> network 1.0.0.0
>>> network 10.0.0.0
>>> no auto-summary
>>> exit-address-family
>>> !
>>>
>>>
>>>
>>>
>>>
>>> R2 config:
>>>
>>> ip vrf CUST1
>>> rd 1:1
>>> !
>>> ip vrf CUST2
>>> rd 2:2
>>> !
>>> interface Loopback0
>>> ip vrf forwarding CUST1
>>> ip address 2.2.2.2 255.255.255.0
>>> !
>>> interface Loopback1
>>> ip vrf forwarding CUST2
>>> ip address 22.22.22.22 255.255.255.0
>>> !
>>> interface FastEthernet0/0
>>> ip vrf forwarding CUST1
>>> ip address 10.1.12.2 255.255.255.0
>>> !
>>> interface FastEthernet0/1
>>> ip vrf forwarding CUST2
>>> ip address 10.1.21.2 255.255.255.0
>>> !
>>> router rip
>>> version 2
>>> no auto-summary
>>> !
>>> address-family ipv4 vrf CUST2
>>> network 10.0.0.0
>>> network 22.0.0.0
>>> no auto-summary
>>> exit-address-family
>>> !
>>> address-family ipv4 vrf CUST1
>>> network 2.0.0.0
>>> network 10.0.0.0
>>> no auto-summary
>>> exit-address-family
>>>
>>>
>>> TEST:
>>>
>>> R1#sh ip ro vrf CUST1 rip
>>> 2.0.0.0/24 is subnetted, 1 subnets
>>> R 2.2.2.0 [120/1] via 10.1.12.2, 00:00:09, FastEthernet0/0
>>> R1#
>>>
>>> R1#sh ip ro vrf CUST2 rip
>>> 22.0.0.0/24 is subnetted, 1 subnets
>>> R 22.22.22.0 [120/1] via 10.1.21.2, 00:00:06, FastEthernet0/1
>>>
>>> R1#ping vrf CUST2 22.22.22.22 so lo1
>>>
>>> Type escape sequence to abort.
>>> Sending 5, 100-byte ICMP Echos to 22.22.22.22, timeout is 2 seconds:
>>> Packet sent with a source address of 11.11.11.11
>>> !!!!!
>>> Success rate is 100 percent (5/5), round-trip min/avg/max = 1/20/44 ms
>>> R1#
>>>
>>>
>>>
>>> --
>>> Piotr Matusiak
>>> CCIE #19860 (R&S, SEC)
>>>
>>>
>>>
>>>
>>>
>>> 2009/9/15 ALL From_NJ <all.from.nj_at_gmail.com>:
>>> > Hey folk,
>>> >
>>> > I have not done vrf lite before ... and I found some docs related to
>>> mpls
>>> > lite, but am not able to find much on the doc cd. Here is what I found:
>>> >
>>> >
>>> http://www.cisco.com/en/US/docs/ios/12_2sb/12_2sba/feature/guide/vrflite.html
>>> >
>>> > Any better links than the one above? This seems to be a bit dated and
>>> not
>>> > all the commands work ...
>>> >
>>> > Notes on VRF Lite:
>>> > - VRF Lite appears to be plain MPLS VPNs configured, with the send-label
>>> > command on the PEs, and MPLS configured between PE and CE. Any other
>>> > throughts?
>>> >
>>> > Also, I am looking for some additional lab ideas on MPLS VPNs ...
>>> > configuring them is not too hard, and tshooting my own screwups has been
>>> > entertaining. I am looking for some ideas on ways to make this better.
>>> >
>>> > The config examples are pretty easy to follow in case e get hung up on a
>>> > task ...
>>> >
>>> http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_cfg_layer3_vpn_ps6350_TSD_Products_Configuration_Guide_Chapter.html
>>> >
>>> > Many TIA,
>>> >
>>> > --
>>> > Andrew Lee Lissitz
>>> > all.from.nj_at_gmail.com
>>> >
>>> >
>>> > Blogs and organic groups at http://www.ccie.net
>>> >
>>> > _______________________________________________________________________
>>> > Subscription information may be found at:
>>> > http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Regards,
>>
>> Joe Astorino - CCIE #24347 R&S
>> Technical Instructor - IPexpert, Inc.
>> Cell: +1.586.212.6107
>> Fax: +1.810.454.0130
>> Mailto: jastorino_at_ipexpert.com
>>
>
>
>
> --
> Andrew Lee Lissitz
> all.from.nj_at_gmail.com
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Wed Sep 16 2009 - 10:41:28 ART
This archive was generated by hypermail 2.2.0 : Sun Oct 04 2009 - 07:42:03 ART