Tuesday, October 11, 2011

GRE Tunnel with VRF Configuration Example


This is from Cisco.com

Configure

In this section, you are presented with the information to configure the features described in this document.
The configuration is set up in this way:
  • R1-CE and R2-CE are located in VRF BLUE.
  • R1-CE is also located in VRF GREEN through the use of a GRE tunnel to R3-PE.
R1-CE uses a static host route to get to R3-PE (tunnel destination), which ensures that recursive routing does not occur for the GRE tunnel (learning the tunnel destination address through the tunnel).
VRF BLUE and VRF GREEN are owned by two different companies, and no route leaks occur between them. In addition, the access control list (ACL) on the interface between R1-CE and R2-CE can be used to only permit GRE traffic between them.
Note: To find additional information on the commands used in this document, use the Command Lookup Tool ( registered customers only) .

Network Diagram

This document uses this network setup:
Figure 1 – Physical Topology
grewithvrf_01.gif
Figure 2 – Logical VRF Topology
grewithvrf_02.gif

R3-PE# show running-config

Building configuration...
.
!
no ip domain lookup
!
ip vrf blue
 rd 1:1
 route-target export 311:311
 route-target import 411:411
!
ip vrf green
 rd 2:2
 route-target export 322:322
 route-target import 422:422
!
ip cef
!
interface Tunnel0
 ip vrf forwarding green
 ip address 200.200.200.3 255.255.255.0
 tunnel source Ethernet0/0
 tunnel destination 10.10.10.1
 tunnel vrf blue

!--- Tunnel 0 is part of VRF GREEN; but it uses the tunnel
!--- destination and source addresses from the routing
!--- table of VRF BLUE, because of this tunnel vrf blue
!--- command.

!
interface Ethernet0/0
 ip vrf forwarding blue
 ip address 20.20.20.3 255.255.255.0

!--- Connection to the VRF BLUE network and the VRF GREEN
!--- network using the GRE tunnel.

!
interface Ethernet1/0
 ip address 30.30.30.3 255.255.255.0
 tag-switching ip
!
router bgp 1
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 30.30.30.4 remote-as 1
 !
 address-family vpnv4
 neighbor 30.30.30.4 activate
 neighbor 30.30.30.4 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf green
 redistribute connected
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf blue
 redistribute connected
 no auto-summary
 no synchronization
 exit-address-family
!
ip classless
ip route vrf blue 10.10.10.1 255.255.255.255 20.20.20.2

!--- Static Host route to ensure that recursive routing
!--- does not occur.
 
no ip http server
!
.
end
 
Ref: http://www.cisco.com/en/US/tech/tk436/tk428/technologies_configuration_example09186a00801e1294.shtml
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtgrevrf.html
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gtIPSctm.html#wp1063436
http://www.cisco.com/en/US/docs/routers/10000/10008/feature/guides/122_31sb5/fs_gripvrf.html
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)