TICKET 7

From topology R16 and R18 have their common link into 2 different vrfs CUSTA on 16 and A on 18 how can they communicate on that link?

Thanks for any help

Comments

  • The concept of a VRF is local to the device. I don't mean to put you down in any way but if you don't understand that, you better go back and re-learn how VRFs work. To give you an analogy, you can have switch-A connect to switch-B on an 'access' link and each switch can use a different vlan and still ping each other. As long as the interfaces on a device are mapped to a given VRF consistently, all incoming traffic will go into that VRF because the interface has been configured to be part of that VRF. When traffic leaves the device, the VRF is no longer applicable because it is only local to that device. It is not like a 802.1Q tag that it accompanies the IP packet and the neighboring device cannot accept the traffic because the VRF doesn't match. The receiving device can 'accept' the traffic in whatever VRF it defines locally and enables on the receiving interface.

  • Thank you for your reply.

    I never found this concept particularly difficult.It is a partitioning of the global routing table.

    Router 16 create this sector gives it a name and includes interface/s into it.The network associated with that interface will be included into

    the vrf and will not be part of the global routing table.If R16 links via a single link to R18 and 18 maps the link to a different vrf being

    the 2 partitions different the networks associated with the 2 vrf wont  be able to ping each other.This can be proved easily.I agree when 

    traffic leaves r18 this is not anymore unless other outgoing interfaces are mapped the same way.

    I could create subinterfaces on the link and one of them could be in the same vrf as R16 then matters will be different.

    Then I found out the capability vrf-lite under the ospf process solves this problem,for what I have understood since ospf does not check

    the vrf anymore.

    Correct me please if what I said is based on not understanding the issue and thanks very much for your time.

     

     

     

  • If R16 links via a single link to R18 and 18 maps the link to a different vrf being

    the 2 partitions different the networks associated with the 2 vrf wont  be able to ping each other.This can be proved easily.

    No, they should still be able to communicate because the VRF is local to the device. Do you not see that in the lab, R16 can ping R18 on that link with each using a different VRF? Let me know if I have misunderstood what you're saying.


    R16#ping vrf CustA 172.23.16.18
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 172.23.16.18, timeout is 2 seconds:
    !!!!!
    Success rate is 100 percent (5/5), round-trip min/avg/max = 88/97/108 ms


    R16:

    interface GigabitEthernet1.1618
     encapsulation dot1Q 1618
     vrf forwarding CustA
     ip address 172.23.16.16 255.255.255.0
     ip ospf network point-to-point
     ip ospf 22 area 10
     ipv6 address 2004:172:23:16::16/64
    end


    R18:

    interface GigabitEthernet1.1618
     encapsulation dot1Q 1618
     ip vrf forwarding A
     ip address 172.23.16.18 255.255.255.0
     ip ospf network point-to-point
     ip ospf 22 area 10
     ip ospf cost 2
     ipv6 address 2004:172:23:16::18/64
    end

  • Hi

    when I do the TSHOOT lab instead of copying and paste the configuration I start from scratch going layer by layer.

    That specific ticket was a multicasting one,but before getting to that I had to build the igp,mpls etc.

    When I saw the link between R16 and R18 in 2 different vrf that went against the basic principle,the way I understood it,that mixing 

    traffic between different vrf should not be possible.What I mean on the same link when that link has been mapped to 2 different vrf.But in

    that case : 

    router ospf 22 vrf A

     capability vrf-lite

     area 10 virtual-link 192.168.1.16

     area 20 virtual-link 122.1.1.20

    made it possible.Try to do it without that on R18 and R16.

    Off course shaking our so called foundations can only be good for understanding them better.Still I stick to my idea,but more

    than happy to change it if necessary.

    If the link is divided in subinterfaces then so called multi-vrf can be applied.I understand is a common practice with ISPs if the client 

    want to save money.

     

Sign In or Register to comment.