Support User Manuals

Allied Telesis C613-16164-00 REV E Network Card User Manual

Open as PDF

of 91

Configuring a complex inter-VRF solution

Page 46 | Configure VRF-lite

Configuration breakdown

When configuring a complex inter-VFR aware device, such as in our example, the

configuration order is important. We have provided a breakdown before each step to

explain the key points you will need to consider.

CONFIGURE STANDARD ACLS

Configure the

standard ACLs

These standard ACL's are associated with routes maps. The route maps are referenced by

VRF import and export maps. VRF export maps filter routes exported to BGP. VRF import

maps filter routes imported into the VRF domain from BGP. BGP is used to leak routes

between VRFs.

These ACLs should be configured before any inter-VRF communication is configured, to

prevent unnecessary routes from being leaked from one VRF to another.

Configure the

VRFs

Next we configure the six numbered VRFs named red, green, blue, orange, shared and

o

verlap, via the command ip vrf-name number

The optional number parameter creates and assigns a local interfa

ce (LO) to the VRF

instance. This number parameter allows the user to manually control which local interface is

associated with each VRF. If not specified, a local interface is automatically created and

assigned to the VRF instance in the order of VRF creation. Once an LO is created, it remains

assigned to the VRF (including over a reboot), unless manually changed by the user.

Only a single local interface per VRF is supported, and each local interface can be configured

with its own local ip address.

A local interface (also referred to as an internal loopback interface) is an internal interface

that is always available for higher layer protocols to use and advertise to the network.

Although a local interface is assigned an IP address, it does not have the usual requirement of

connecting to a lower layer physical entity.

awplus#conf t

Enter configuration commands, one per line. End with CNTL/Z.

awplus(config)#access-list standard blueBlock4344 deny 192.168.43.0/24

awplus(config)#access-list standard blueBlock4344 deny 192.168.44.0/24

awplus(config)#access-list standard blueBlock4344 permit any

awplus(config)#access-list standard greenBlock4345 deny 192.168.43.0/24

awplus(config)#access-list standard greenBlock4345 deny 192.168.45.0/24

awplus(config)#access-list standard greenBlock4345 permit any

awplus(config)#access-list standard orangeBlock20Export140 deny 192.168.20.0/24

awplus(config)#access-list standard orangeBlock20Export140 permit any

awplus(config)#access-list standard orangeNoBlock permit any

awplus(config)#access-list standard redBlock4445 deny 192.168.44.0/24

awplus(config)#access-list standard redBlock4445 deny 192.168.45.0/24

awplus(config)#access-list standard redBlock4445 permit any

previous next