3.3.f Implement and troubleshoot VRF lite,

one of the building blocks for mpls is vrf… rene has a good lab  on this here…

http://gns3vault.com/MPLS/vrf-routing.html

it’s been a while since i configured vrf so this was a nice refresher… remember that when you set an interface to forward vrf it whacks the ip address and needs to be reset…

rene_vrf_ss

seems simple enough… one of the things rene’s labs do well is  concentrate on a single concept…

Sulu(config)#ip vrf sulu
Sulu(config-vrf)#int lo0
Sulu(config-if)#ip vrf forward sulu
% Interface Loopback0 IP address 1.1.1.1 removed due to enabling VRF sulu
Sulu(config-if)#ip add 1.1.1.1 255.255.255.0
Sulu(config-if)#int lo1
Sulu(config-if)#ip vrf forward sulu
% Interface Loopback1 IP address 11.11.11.11 removed due to enabling VRF sulu
Sulu(config-if)#ip add 11.11.11.11 255.255.255.0

again, my only complaint about rene’s labs are his stupid router names…small complaint there…

set up the interfaces on the other side:

Chekov(config-if)#do sh ip vrf int
Interface              IP-Address      VRF                              Protocol
Lo0                    2.2.2.2         chekov                           up
Lo1                    22.22.22.22     chekov                           up

the next thing is to set up a tunnel between the routers… if you add the tunnel to the vrf’s first you won’t have to retype the ip address… make the tunnel address anything you want, but the tunnel source and destination need to be the physical link…

Sulu(config-if)#int tun 0
Sulu(config-if)#ip vrf forward sulu
Sulu(config-if)#ip add 192.168.21.1 255.255.255.0
Sulu(config-if)#tunnel source 192.168.12.1
Sulu(config-if)#tunnel dest 192.168.12.2
Sulu(config-if)#
*Mar  1 00:09:27.983: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up

for the source you can use the interface or the address; i prefer using addresses…

Chekov(config-if)#do sh ip vrf int
Interface              IP-Address      VRF                              Protocol
Lo0                    2.2.2.2         chekov                           up
Lo1                    22.22.22.22     chekov                           up
Tu0                    192.168.21.2    chekov                           up

use a routing protocol for the vrf to bring it up…

Chekov(config-if)#router eigrp 1
Chekov(config-router)#address-family ipv4 vrf chekov
Chekov(config-router-af)#netw 2.2.2.0
Chekov(config-router-af)#netw 22.22.22.0
Chekov(config-router-af)#netw 192.168.21.0
Chekov(config-router-af)#autonomous-system 1
Chekov(config-router-af)#
*Mar  1 00:15:05.695: %DUAL-5-NBRCHANGE: IP-EIGRP(1) 1: Neighbor 192.168.21.1 (Tunnel0) is up: new adjacency
Chekov(config-router-af)#

Sulu(config-router-af)#do sh ip route vrf sulu | b Gate
Gateway of last resort is not set

1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       1.1.1.0/24 is directly connected, Loopback0
D       1.0.0.0/8 is a summary, 00:01:52, Null0
D    2.0.0.0/8 [90/297372416] via 192.168.21.2, 00:01:06, Tunnel0
D    22.0.0.0/8 [90/297372416] via 192.168.21.2, 00:01:06, Tunnel0
C    192.168.21.0/24 is directly connected, Tunnel0
11.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       11.11.11.0/24 is directly connected, Loopback1
D       11.0.0.0/8 is a summary, 00:01:52, Null0

Sulu#ping vrf sulu 22.22.22.22

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 22.22.22.22, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/16/24 ms
Sulu#trace vrf sulu 22.22.22.22

Type escape sequence to abort.
Tracing the route to 22.22.22.22

1 192.168.21.2 16 msec *  12 msec