loader
  • Subject-matter expert for interconnecting the nodes
  • HomeIntroduction to IP Routing and VRF Lite

Introduction to IP Routing and VRF Lite

CiscoData Center
Hossein O.
0 Comments

Network Layer Jobs

IP Routing One of the main roles of the Network layer is to forward packets between hosts. A host can send a packet to:

  • Itself: Host can use it’s own interface IP or its loopback address to send a packet to itself.
  • Same local network: When a host wants to send a packet to someone else, it checks if the destination is in the different network or in the same network (how? with its IP/Mask parameters). If the destination is in the same network, host sends an ARP request to find the destination MAC.
  • Different network: If the destination is in the different network than our host, the host will send an ARP request to find the destination MAC address of it’s default gateway.

Another role of the network layer is to provide a/some loop-free path(s). There is three general classes of solutions which widely deployed to provide a loop-free path for packet forwarding:

  • Distance-Vector Protocols: calculates a loop-free paths hop by hop based on the path metric.
    • RIP/EIGRP
    • Interarea OSPF
  • Link-State Protocols: calculates a loop-free path based on a database synced between the routers in an area.
  • Path-Vector Protocols: calculates a loop-free paths hop by hop based a record of previous hops
    • BGP

Routing Protocols vs Routed/Routable Protocols:

  • Routing protocols: Static, OSPF, BGP, EIGRP
  • Routed protocols or routable protocols: IP, IPv6

How does a router do classless routing?

  1. It checks its routing table to find the longest prefix. If there is a tie, go to 2.
  2. Least Administrative Distance (AD): If there is a tie, go to 3. Here are some ADs with Cisco software
    • Connected: 0
    • Static: 1
    • eBGP: 20
    • OSPF: 110
    • IS-IS: 115
    • iBGP 200
  3. Metric: If there is a tie: then load-share the traffic.

IP Routing: Static Route and Default route

You can configure a static route by specifying next-hop value and local outgoing interface (although both are not required together).

When the destination is 0.0.0.0/0, the static route is called static default route or simply a default route.

N9K01# configure terminal
N9K01(config)# ip route 172.30.30.0/24 ethernet 1/1 100.64.1.1

IP Routing: Virtual Routing and Forwarding (VRF) Lite

VRFs is to a router as VLAN is to a switch. VRF creates a new instance of routing table inside NX-OS. You need to create a VRF, then assign the interfaces to that VRF. The interfaces which are not in any VRF, are part of default VRF. Mgmt interface is by default part of Management VRF.

Remember, since we have different routing table, addressing as a result can overlap within different VRFs.

Configuration:

! Create a VRF Context
N9K01(config)# vrf context CX-1
N9K01(config-vrf)# exit
! Assign L3 Interface to the VRF
N9K01(config)# interface loopback 101
N9K01(config-if)# no switchport
N9K01(config-if)# vrf member CX-1
! Create a static route into the VRF
N9K01(config-if)# vrf context CX-1
N9K01(config-vrf)# ip route 172.30.30.0/24 100.64.1.1

VRF Workshop 2

In this workshop are are going to interconnect two nexus switches each with two

IP Routing and VRF Lite
VRF Lite Workshop

Configuration:

N9K01:

vrf context CX-1
exit
vrf context CX-2
exit
interface loopback 101
  vrf member CX-1
  ip address 172.20.20.1/24
  no shutdown
interface loopback 102
  vrf member CX-2
  ip address 172.20.20.1/24
exit
interface ethernet 1/1
  vrf member CX-1
  ip address 100.64.1.0/31
  no shutdown
interface ethernet 1/2
no switchport
  vrf member CX-2
  ip address 100.64.2.0/31
  no shutdown
exit
vrf context CX-1
  ip route 172.30.30.0/24 100.64.1.1
vrf context CX-2
  ip route 172.31.31.0/24 100.64.2.1

N9K02:

vrf context CX-1
exit
vrf context CX-2
exit
interface loopback 101
  vrf member CX-1
  ip address 172.30.30.1/24
  no shutdown
interface loopback 102
  vrf member CX-2
  ip address 172.31.31.1/24
exit
interface ethernet 1/1
  vrf member CX-1
  ip address 100.64.1.1/31
  no shutdown
interface ethernet 1/2
no switchport
  vrf member CX-2
  ip address 100.64.2.1/31
  no shutdown
exit
vrf context CX-1
  ip route 172.20.20.0/24 100.64.1.0
vrf context CX-2
  ip route 172.20.20.0/24 100.64.2.0

Verification:

Verify the routing table for each VRF:

N9K01# show ip route vrf CX-1
IP Route Table for VRF "CX-1"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

100.64.1.0/31, ubest/mbest: 1/0, attached
    *via 100.64.1.0, Eth1/1, [0/0], 00:12:42, direct
100.64.1.0/32, ubest/mbest: 1/0, attached
    *via 100.64.1.0, Eth1/1, [0/0], 00:12:42, local
172.20.20.0/24, ubest/mbest: 1/0, attached
    *via 172.20.20.1, Lo101, [0/0], 00:14:16, direct
172.20.20.1/32, ubest/mbest: 1/0, attached
    *via 172.20.20.1, Lo101, [0/0], 00:14:16, local
172.30.30.0/24, ubest/mbest: 1/0
    *via 100.64.1.1, [1/0], 00:06:02, static

N9K01# show ip route vrf CX-2
IP Route Table for VRF "CX-2"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

100.64.2.0/31, ubest/mbest: 1/0, attached
    *via 100.64.2.0, Eth1/2, [0/0], 00:11:36, direct
100.64.2.0/32, ubest/mbest: 1/0, attached
    *via 100.64.2.0, Eth1/2, [0/0], 00:11:36, local
172.20.20.0/24, ubest/mbest: 1/0, attached
    *via 172.20.20.1, Lo102, [0/0], 00:13:54, direct
172.20.20.1/32, ubest/mbest: 1/0, attached
    *via 172.20.20.1, Lo102, [0/0], 00:13:54, local
172.31.31.0/24, ubest/mbest: 1/0
    *via 100.64.2.1, [1/0], 00:06:08, static

Verify the end host reachability:

N9K01# ping 172.30.30.1 source-interface loopback 101
PING 172.30.30.1 (172.30.30.1): 56 data bytes
64 bytes from 172.30.30.1: icmp_seq=0 ttl=254 time=16.409 ms
64 bytes from 172.30.30.1: icmp_seq=1 ttl=254 time=2.995 ms
64 bytes from 172.30.30.1: icmp_seq=2 ttl=254 time=2.856 ms
64 bytes from 172.30.30.1: icmp_seq=3 ttl=254 time=2.728 ms
64 bytes from 172.30.30.1: icmp_seq=4 ttl=254 time=2.768 ms

--- 172.30.30.1 ping statistics ---
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min/avg/max = 2.728/5.551/16.409 ms

N9K01# ping 172.31.31.1 source-interface loopback 101

PING 172.31.31.1 (172.31.31.1): 56 data bytes
36 bytes from 172.20.20.1: Destination Net Unreachable
Request 0 timed out
36 bytes from 172.20.20.1: Destination Net Unreachable
Request 1 timed out
36 bytes from 172.20.20.1: Destination Net Unreachable
Request 2 timed out
36 bytes from 172.20.20.1: Destination Net Unreachable
Request 3 timed out
36 bytes from 172.20.20.1: Destination Net Unreachable
Request 4 timed out

--- 172.31.31.1 ping statistics ---
5 packets transmitted, 0 packets received, 100.00% packet loss

N9K01# ping 172.31.31.1 source-interface loopback 102

PING 172.31.31.1 (172.31.31.1): 56 data bytes
64 bytes from 172.31.31.1: icmp_seq=0 ttl=254 time=3.784 ms
64 bytes from 172.31.31.1: icmp_seq=1 ttl=254 time=2.852 ms
64 bytes from 172.31.31.1: icmp_seq=2 ttl=254 time=2.133 ms
64 bytes from 172.31.31.1: icmp_seq=3 ttl=254 time=1.635 ms
64 bytes from 172.31.31.1: icmp_seq=4 ttl=254 time=2.783 ms

--- 172.31.31.1 ping statistics ---
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min/avg/max = 1.635/2.637/3.784 ms

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Recent Comments

Archives

Categories

Elissa Garlin

Think of a news blog that’s filled with content hourly on the day of going live.

Recent Posts

Categories

Tags

BGP EVPN Broadcast CCIE CCIE DC CCNP cisco Clos network CyberSecurity Data Center datacenter DC Exchange GNU/Linux Incident Response InfoSec IS-IS Kali Layer 2 Connectivity Layer 2 Technologies linus torvalds Linux linux bash linux basic commands linux commands Linux file structure Linux file system linux path linux tutorial lpic1 lpic1 linux Multitenancy Network Network Virtualization Overlay Nexus NVO NX-OS NXOS Overlay shell Underlay Unicast Virtual eXtensible LAN VNI VTEP VXLAN