Example for Configuring Basic VRF
Networking Requirements
Figure 1. VRF Configuration Example
As shown in Figure 1, users of Site1 and Site2 use overlapping IP addresses when accessing the internet from an interface of CE. Deploy VRF function on the CE to segregate the users' routing spaces on Site1 and Site2.
- Configure VRFs vrf1 and vrf2 on CE.
- Create Layer 3 VLAN interfaces VLAN10 and VLAN20 on user access interface te-1/1/3, Layer 3 VLAN interfaces VLAN11 and VLAN21 on the interface te-1/1/4 connected to PE. Set the overlapping IP address 172.168.1.1 to VLAN10 and VLAN20, 192.168.2.1 to VLAN11 and VLAN21.
- Bind the Layer 3 VLAN interfaces VLAN10 and VLAN11 to vrf1, VLAN20 and VLAN21 to vrf2.
- Configure a static route for each VRF for data forwarding. For example, the destination network segment is 10.10.1.0/24, the next hop is 172.168.1.3.
Procedure
Step1 Enable IP routing function before using VRF function.
admin@XorPlus# set ip routing enable true
Step2 Create two VRFs.
admin@Xorplus# set ip vrf vrf1 description East admin@Xorplus# set ip vrf vrf2 description West
Step3 Configure the VLAN and L3 VLAN interface.
admin@XorPlus# set vlans vlan-id 10 admin@XorPlus# set vlans vlan-id 20 admin@XorPlus# set vlans vlan-id 11 admin@XorPlus# set vlans vlan-id 21 admin@XorPlus#set interface gigabit-ethernet te-1/1/3 family ethernet-switching port-mode trunk admin@XorPlus#set interface gigabit-ethernet te-1/1/3 family ethernet-switching vlan members 10 admin@XorPlus#set interface gigabit-ethernet te-1/1/3 family ethernet-switching vlan members 20 admin@XorPlus#set interface gigabit-ethernet te-1/1/4 family ethernet-switching port-mode trunk admin@XorPlus#set interface gigabit-ethernet te-1/1/4 family ethernet-switching vlan members 11 admin@XorPlus#set interface gigabit-ethernet te-1/1/4 family ethernet-switching vlan members 21 admin@XorPlus# set l3-interface vlan-interface vlan10 address 172.168.1.1 prefix-length 24 admin@XorPlus# set l3-interface vlan-interface vlan20 address 172.168.1.1 prefix-length 24 admin@XorPlus# set l3-interface vlan-interface vlan11 address 192.168.2.1 prefix-length 24 admin@XorPlus# set l3-interface vlan-interface vlan21 address 192.168.2.1 prefix-length 24 admin@XorPlus# set vlans vlan-id 10 l3-interface vlan10 admin@XorPlus# set vlans vlan-id 20 l3-interface vlan20 admin@XorPlus# set vlans vlan-id 11 l3-interface vlan11 admin@XorPlus# set vlans vlan-id 21 l3-interface vlan21
Step4 Bind the Layer 3 VLAN interface to the VRF.
admin@XorPlus# set l3-interface vlan-interface vlan10 vrf vrf1 admin@XorPlus# set l3-interface vlan-interface vlan11 vrf vrf1 admin@XorPlus# set l3-interface vlan-interface vlan20 vrf vrf2 admin@XorPlus# set l3-interface vlan-interface vlan21 vrf vrf2
Step5 (Optional) Configure a static route entry into the VRF, the destination network segment is 10.10 1.0/24, the next hop is 172.168.1.3.
admin@XorPlus# set protocols static vrf vrf1 route 10.10.1.0/24 next-hop 172.168.1.3 admin@XorPlus# set protocols static vrf vrf2 route 10.10.1.0/24 next-hop 172.168.1.3
Verify the Configuration
- You can use the run show vrf command to view the binding information between VRFs and the Layer 3 VLAN interfaces.
admin@Xorplus# run show vrf Vrf Description Interfaces ---------- --------------- --------------------- vrf1 vlan10,vlan11 vrf2 vlan20,vlan21
- You can use the run show route vrf command to check the routing table information of the specific VRF.
admin@XorPlus# run show route vrf vrf1 show ip route vrf vrf1 ======================= Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR, f - OpenFabric, > - selected route, * - FIB route, q - queued, r - rejected, b - backup t - trapped, o - offload failure VRF vrf1: S>* 10.10.1.0/24 [1/0] via 172.168.1.3, vlan10, weight 1, 00:00:45 C>* 172.168.1.0/24 is directly connected, vlan10, 00:04:43 C>* 192.168.2.0/24 is directly connected, vlan11, 00:04:45 admin@XorPlus# run show route vrf vrf2 show ip route vrf vrf2 ======================= Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR, f - OpenFabric, > - selected route, * - FIB route, q - queued, r - rejected, b - backup t - trapped, o - offload failure VRF vrf2: S>* 10.10.1.0/24 [1/0] via 172.168.1.3, vlan20, weight 1, 00:00:59 C>* 172.168.1.0/24 is directly connected, vlan20, 00:04:56 C>* 192.168.2.0/24 is directly connected, vlan21, 00:04:59
You can use the run show route forward-route command to check the hardware route forwarding table information of the specific VRF.
admin@XorPlus# run show route vrf vrf1 forward-route ipv4 all Destination NextHopMac Port --------------- ----------------- --------- 192.168.2.0/24 CC:37:AB:BE:0E:D1 connected 172.168.1.0/24 CC:37:AB:BE:0E:D1 connected 10.10.1.0/24 04:7D:7B:62:93:FF te-1/1/3
Copyright © 2024 Pica8 Inc. All Rights Reserved.