Solved

Layer 3 Routing with VRFs

Posted on 2014-02-27
4
583 Views
Last Modified: 2014-03-02
Have a topology as follows:

L3 Switch (SWT1) - L2 P2P Link - L3 Switch (SWT2) - L2 P2P Link - L3 Switch (SWT3)

SWT1 is configured with VRFs (very basic configuration) for each VLAN - example:
ip vrf XXX
int vlan 100
ip vrf forwarding XXX
ip address 10.100.100.100 255.255.255.0

It also has a default route for each VRF, pointing to an ASA subinterface on the same subnet (Used for Internet Access) - not really relevant to the task.

SWT2 and SWT3 do not use VRFs and have global routing tables.

Task is to get traffic from a VRF subnet on SWT1 (10.100.100.0/24) to a subnet on SWT3 (10.200.200.0/24)

The hall thing is needed for Servers' Replication Traffic. The Servers preferably need to be in different subnets, hence am trying to understand if there is a way to get them to communicate when on different subnets, connected by Switches using these bizarre L2 Trunks with the added bonus that one of the switches is using VRFs.
0
Comment
Question by:Strinalena
4 Comments
 
LVL 18

Accepted Solution

by:
Akinsd earned 250 total points
ID: 39893139
One option is to use Multiprotocol BGP to link the subnets.

Take a look at the link below

http://packetlife.net/blog/2010/mar/29/inter-vrf-routing-vrf-lite/
0
 
LVL 5

Assisted Solution

by:dinkytoy101
dinkytoy101 earned 250 total points
ID: 39893206
Any reason you couldn't have the L3 interface for the vlan currently on SWT3 actually on SWT1 and just trunk the vlan back at L2, then you have both in the same VRF?
0
 

Author Comment

by:Strinalena
ID: 39893224
So you mean to configure on SWT1:

interface vlan 200
ip vrf forwarding XXX (same as the VRF used currently on SWT1)
ip address 10.200.200.200 255.255.255.0

Allow the VLAN from SWT3 to SWT1 over the Trunks and set the default gateway on the servers connected to SWT3 to point to the above?
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39894395
Where is the ASA in all this?

It looks like you could just allow 10.100.100.0/24 to route to 10.200.200.0/24 via an interface which connects the ASA to the L3 switch (physically or over a trunk).
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now