BGP and VRF routing

Posted on by Junior Taitt

vrf-topology

 

Hopefully the above diagram is clear enough. The topology from R1 u to R4 and R6 to R9 runs two VRFs
  • CIA and FBI
  • BGP runs between R6 and R9 only
  • R5 does not take part in any VRF routing, there is a GRE tunnel between R4 and R6
  • R6 does inter-VRF routing
  • Fx/x.11 = CIA VRF
  • Fx/x.12 = FBI VRF

So, Data from R1 travels along the path to R4, goes over an IPsec protected GRE tunnel to R6 which is then Inter-VRF routed.

 

R1#traceroute vrf cia 172.30.12.1

Type escape sequence to abort.
Tracing the route to 172.30.12.1

  1 192.168.12.2 24 msec 48 msec 24 msec (R2)
  2 192.168.23.3 100 msec 56 msec 28 msec (R3)
  3 192.168.34.4 64 msec 48 msec 72 msec (R4)
  4 192.168.46.6 112 msec 140 msec 164 msec (R6)

      and here it does the U-Turn 🙂

  5 172.30.46.4 184 msec 160 msec 152 msec (R4)
  6 172.30.34.3 180 msec 180 msec 196 msec (R3)
  7 172.30.23.2 208 msec 212 msec 180 msec (R2)
  8 172.30.12.1 224 msec *  236 msec (R1)

Config here -> VRF LITE BLOG

 

Leave a comment