Configuring VRF Lite on Cisco Routers (for CCNP ROUTE Candidates)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey everybody this is Kevin Wallace cc CAE and creator of the route complete video course and in this video you're going to learn how we can have multiple virtual router instances running on a single physical router stay tuned have you ever used some sort of virtualization software maybe you've run a VM where you've got multiple virtualized servers running on a single physical server well that's a great way to save resources by eliminating the need for extra physical servers well really similar to how we can virtualize multiple servers on a single physical server check this out we can virtualize multiple routers on a single physical router now each of these virtual routers can have their own independent IP routing table and are logically isolated from the other virtual routers that are residing inside of that same physical router this can offer a solution to service providers as an example the service provider might want to keep their customers network traffic separated maybe they want to have the IP routing tables of their different customers logically separate so they're not seeing one another's routes or maybe in a large enterprise maybe we've got this design requirement to segregate different applications maybe we want to segregate voice and video and data that's what we going to be doing in this example now one solution that cisco offers that makes all this possible is something called vrf lite now some of the Cisco literature defines the vrf as VPN routing / forwarding because it's commonly used in VPN environments but you're going to run into other literature out there the from cisco that defines vrf as virtual routing and forwarding which is the definition that I typically used about the way each virtualized router is referred to as a vrf so a single physical router could be hosting multiple V ahrefs and while it's great that a single physical router can be running multiple virtual router instances the question comes up how does the physical router keep traffic from the virtualized routers separate when sending data to a neighboring switch or router well the solution is actually pretty simple and similar to the old router on a stick approach of having a router interface configured as an attribute if you got one cue trunk interface with different sub interfaces for each VLAN and also even though it's beyond the scope of this introductory video I want you to be aware that vrf light can be configured to leak as called one or more routes between different router instances now to demonstrate a basic vrf light configuration first consider the topology shown here on screen the vrf light is configured on the common router and the fastethernet 0/0 interface on the common router has three sub interfaces one to carry traffic for each of the three V ahrefs the V ahrefs are going to be named voice data and video and traffic from these three V ahrefs flow over a dot1q trunk to switch SW 1 which then sends traffic out to the appropriate destination router based on VLAN membership specifically the voice v RF it's going to use VLAN to the Dana v RF it's going to use VLAN 3 the video v RF it's going to use VLAN 4 and I want to show you the three steps to set up a basic v RF light configuration step number one we want to globally define a one or more v RF here's how we do that on the common router let's go into global configuration mode and we simply say IP v RF and we give a name I'm going to say IP v RF data as one of my VR FS let's exit from that give the command again this time it's going to be IP v RF video and now we'll do IP v RF voice we've now created our 3v ahrefs step number two is to assign an interface or a sub interface to these vrf instances let me show you the configuration that I have for these sub interfaces that I was telling you about notice for fastethernet 0/0 I've got these three sub interfaces fastethernet 0/0 2.3.4 and here are the VLAN assignments for these different sub interfaces what we want to do is to go into sub interface configuration mode for each of these three sub interfaces and say hey you belong to this particular vrf let's do that by going into interface fastethernet 0/0 dot two to begin with and I'll say IP vrf forwarding and I'm going to give a vrf name and I'm going to say this one is for voice VLAN two is for the voice vrf let's go into interface fastethernet 0/0 dot three and we'll say IP vrf forwarding and this one's going to be data let's do it four or five Stephen at zero session 0.4 this one's going to be for video now let's take another look at our configuration let's do a quick show run scroll down and see what we have notice that we did get those error messages because we're kicking in vrf it got rid of the IP addresses on these sub interfaces so we need to go add those back let's do that real quick we'll go into interface fastethernet 0/0 dot two and I'll say IP address and it's 190 2.0 2.1 we've got a 30 bit subnet mask so thats 255.255.255.0 let's go into interface fastethernet 0/0 dot three and we're still going to have a thirty bit subnet mask and we're going to have an IP address of 190 8.51 dot 100 got one finally interface fastethernet 0/0 dot four still have a thirty bit subnet mask but let's change the IP address to two zero three zero one three n-- dot one great now let's take a look at our running config here we see the creation of those V ahrefs scroll down just a bit and we see for each of our sub interfaces we've got a VLAN assignment we're being part of this dot1q trunk we've got our vrf assignment and we've got our IP address things are looking great that was step two step three is we want to associate a routing process with each of these V ahrefs here's how we can do that let's go back into global configuration mode and I'm going to say router and I'll use OSPF router OSPF and I'll give a process idea of one and I'll say this is going to be associated with v RF voice and I want any interfaces in this vrf to participate so I'm simply going to say network 0.0.0.0 255.255.255.0 v that's a shortcut way of saying hey I want all the interfaces to participate again this is only interfaces that are part of this V RF and I'm going to say you all belong to area 0 let's do the same thing for the date of v RF the process ID will say it's to the v RF is data oh by the way did you notice this status update for process ID one we just formed an OSPF adjacency fantastic now let's add a similar command here in fact let's add identical command here to say we want all of the data vrf interfaces participating in this OSPF process ID two will enter that one more to go we're going to say that we want to have OSPF process ID three and it's going to be associated with vrf video let's put a space in there and also I want all of the video vr f sub interfaces or interfaces to participate in area 0 great we've now configured v RF specifically v RF light on this common router now let's do some verification we can use the show IP v RF command to display the v RF s-- that i've created on this router we have these 3 v RF s-- created we could also say show IP route v RF and I could give a v RF name here for example I could say voice and it's going to show me the routing table for the voice of e RF and notice that we have learned one network of via OSPF network 10.1.1.1 tell by looking at the topology that is connected off of the voice router going to switch SW to excellent we could do the same thing for the data v RF it's learned about network 172 16.1 zero that's connecting the data router to switch SW 3 and just for completion sake let's do the video vrf and it's learned about the one ninety two dot one sixty eight dot one dot zero network connecting the video router over to switch SW four and we can also use a vrf specific paying to test connectivity with remote IP address for example let's say that we're on the common router and we want to ping fastethernet 0/1 over on the vorse router and that interface has an IP address of 10.1.1.1 how does the common router know it needs to reach the IP address using the voice of vrf well we can specify that as part of the ping command I can say ping vrf voice so it knows which vrf we're using then I give the IP address of 10.1.1.1 and it is successful well we had one timeout let's try it again that's better it was successful well I hope you've enjoyed this discussion and demonstration of vrf Lite fundamentals this is something that's covered in Cisco's route training one of the three courses making up the CCNP and routing and switching certification in fact I have a route complete video course you can check it out at kW train comm / route course that's KW train comm / route course thanks for watching if you want to learn even more about cisco routing and switching technologies just click the link in the description or on the right side of the screen and i'll send you more training videos and also if you don't miss any of my youtube videos be sure and subscribe thanks for watching and I'll see you next time you

Info

Channel: Kevin Wallace Training, LLC

Views: 44,723

Rating: 4.952024 out of 5

Keywords:

Id: OHW48VW3R1Q

Channel Id: undefined

Length: 10min 38sec (638 seconds)

Published: Tue Jun 07 2016