In this scenario we have two internet line and separate the user group for internet using.
I want to setup NET_G1 group use internet line 1 and NET_G2 group use internet line 2.
At NET_G1 sale and MKT department are included and at NET_G2 HR and IT are included.
First step create the vrf.
R1/R4/R5
ip vrf NET_G1
ip vrf NET_G2
Second step -set the interfaces belong to vrf.
R1
ip vrf NET_G1
ip vrf NET_G2
int f0/0
ip vrf forwarding NET_G1
ip add 10.10.10.2 255.255.255.252
description Internet 1
no sh
int f1/0
no sh
ip vrf forwading NET_G2
ip add 172.16.12.2 255.255.255.252
description Internet 2
no sh
int f2/0
no sh
int f2/0.10
encapsulation dot1q 10
ip vrf for NET_G1
ip add 192.168.14.1 255.255.255.252
int f2/0.20
encapsulation dot1q 20
ip vrf for NET_G2
ip add 192.168.14.1 255.255.255.252
int f3/0
no sh
int f3/0.10
encapsulation dot1q 10
ip vrf for NET_G1
ip add 192.168.15.1 255.255.255.252
int f3/0.20
encapsulation dot1q 20
ip vrf for NET_G2
ip add 192.168.15.1 255.255.255.252
R4
int f0/0
no sh
int f0/0.10
encapsulation dot1q 10
ip vrf for NET_G1
ip add 192.168.14.2 255.255.255.252
int f0/0.20
encapsulation dot1q 20
ip vrf for NET_G2
ip add 192.168.14.2 255.255.255.252
int lo0
ip vrf for NET_G1
ip add 192.168.1.1 255.255.255.0
description sale
int lo1
ip vrf for NET_G2
ip add 192.168.2.1 255.255.255.0
description HR
R5
int f0/0
no sh
int f0/0.10
encapsulation dot1q 10
ip vrf for NET_G1
ip add 192.168.15.2 255.255.255.252
int f0/0.20
encapsulation dot1q 20
ip vrf for NET_G2
ip add 192.168.15.2 255.255.255.252
int lo0
ip vrf for NET_G1
ip add 192.168.3.1 255.255.255.0
description MKT
int lo1
ip vrf for NET_G2
ip add 192.168.4.1 255.255.255.0
description IT
Let configure the ospf routing.Please make sure the router ID must different.
R1
router ospf 1 vrf NET_G1
router-id 1.1.1.1
net 192.168.14.0 0.0.0.3 area 0
net 192.168.15.0 0.0.0.3 area 0
router ospf 2 vrf NET_G2
router-id 1.1.1.2
net 192.168.14.0 0.0.0.3 area 0
net 192.168.15.0 0.0.0.3 area 0
R4
router ospf 1 vrf NET_G1
router-id 1.1.4.1
net 192.168.1.0 0.0.0.255 area 0
net 192.168.14.0 0.0.0.3 area 0
router ospf 2 vrf NET_G2
router-id 1.1.4.2
net 192.168.2.0 0.0.0.255 area 0
net 192.168.14.0 0.0.0.3 area 0
R5
router ospf 1 vrf NET_G1
router-id 1.1.5.1
net 192.168.3.0 0.0.0.255 area 0
net 192.168.15.0 0.0.0.3 area 0
router ospf 2 vrf NET_G2
router-id 1.1.5.2
net 192.168.4.0 0.0.0.255 area 0
net 192.168.15.0 0.0.0.3 area 0
Now we can verify the each vrf routing table
R1#sh ip route vrf NET_G1
Gateway of last resort is not set
192.168.14.0/30 is subnetted, 1 subnets
C 192.168.14.0 is directly connected, FastEthernet2/0.10
192.168.15.0/30 is subnetted, 1 subnets
C 192.168.15.0 is directly connected, FastEthernet3/0.10
10.0.0.0/30 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, FastEthernet0/0
O 192.168.1.0/24 [110/2] via 192.168.14.2, 00:43:09, FastEthernet2/0.10
O 192.168.3.0/24 [110/2] via 192.168.15.2, 00:43:09, FastEthernet3/0.10
R1#sh ip route vrf NET_G2
Gateway of last resort is not set
192.168.14.0/30 is subnetted, 1 subnets
C 192.168.14.0 is directly connected, FastEthernet2/0.20
192.168.15.0/30 is subnetted, 1 subnets
C 192.168.15.0 is directly connected, FastEthernet3/0.20
O 192.168.4.0/24 [110/2] via 192.168.15.2, 00:43:45, FastEthernet3/0.20
O 192.168.2.0/24 [110/2] via 192.168.14.2, 00:43:45, FastEthernet2/0.20
For internet using default route is needed. So let make it.
ip route vrf NET_G1 0.0.0.0 0.0.0.0 10.10.10.1
ip route vrf NET_G2 0.0.0.0 0.0.0.0 172.16.12.1
R1#sh ip route vrf NET_G1 static
S* 0.0.0.0/0 [1/0] via 10.10.10.1
R1#sh ip route vrf NET_G2 static
S* 0.0.0.0/0 [1/0] via 172.16.12.1
Ok, let check from R4 and R5
R4#sh ip route vrf NET_G1
Gateway of last resort is not set
192.168.14.0/30 is subnetted, 1 subnets
C 192.168.14.0 is directly connected, FastEthernet0/0.10
192.168.15.0/30 is subnetted, 1 subnets
O 192.168.15.0 [110/2] via 192.168.14.1, 00:48:19, FastEthernet0/0.10
C 192.168.1.0/24 is directly connected, Loopback0
O 192.168.3.0/24 [110/3] via 192.168.14.1, 00:48:19, FastEthernet0/0.10
R5#sh ip route vrf NET_G2
Gateway of last resort is not set
192.168.15.0/30 is subnetted, 1 subnets
C 192.168.15.0 is directly connected, FastEthernet0/0.20
192.168.14.0/30 is subnetted, 1 subnets
O 192.168.14.0 [110/2] via 192.168.14.1, 00:46:57, FastEthernet0/0.20
O 192.168.2.0/24 [110/3] via 192.168.14.1, 00:46:57, FastEthernet0/0.20
C 192.168.4.0/24 is directly connected, Loopback1
Gateway of last resort is not set that mean R4 and R5 don't have gateway.
Let inject the default route to OSPF.
R1
router ospf 1
default-information originate
exit
router ospf 2
default-information originate
Verify the R4 and R5 routing tables.
R4#sh ip route vrf NET_G1
Gateway of last resort is 192.168.14.1 to network 0.0.0.0
192.168.14.0/30 is subnetted, 1 subnets
C 192.168.14.0 is directly connected, FastEthernet0/0.10
192.168.15.0/30 is subnetted, 1 subnets
O 192.168.15.0 [110/2] via 192.168.14.1, 00:02:58, FastEthernet0/0.10
C 192.168.1.0/24 is directly connected, Loopback0
O 192.168.3.0/24 [110/3] via 192.168.14.1, 00:02:58, FastEthernet0/0.10
O*E2 0.0.0.0/0 [110/1] via 192.168.14.1, 00:02:58, FastEthernet0/0.10
R5#sh ip route vrf NET_G2
Gateway of last resort is 192.168.15.1 to network 0.0.0.0
192.168.14.0/30 is subnetted, 1 subnets
O 192.168.14.0 [110/2] via 192.168.15.1, 00:04:37, FastEthernet0/0.20
192.168.15.0/30 is subnetted, 1 subnets
C 192.168.15.0 is directly connected, FastEthernet0/0.20
C 192.168.4.0/24 is directly connected, Loopback1
O 192.168.2.0/24 [110/3] via 192.168.15.1, 00:04:37, FastEthernet0/0.20
O*E2 0.0.0.0/0 [110/1] via 192.168.15.1, 00:03:16, FastEthernet0/0.20
Now we can use internet. Actually we need to config NAT but let skip on this post.
R4
R4#ping vrf NET_G1 10.10.10.2 so lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/11/12 ms
R4#ping vrf NET_G1 10.10.10.2 so lo1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
Packet sent with a source address of 192.168.2.1
.....
Success rate is 0 percent (0/5)
At NET_G1 sale and MKT department are included and at NET_G2 HR and IT are included.
First step create the vrf.
R1/R4/R5
ip vrf NET_G1
ip vrf NET_G2
Second step -set the interfaces belong to vrf.
R1
ip vrf NET_G1
ip vrf NET_G2
int f0/0
ip vrf forwarding NET_G1
ip add 10.10.10.2 255.255.255.252
description Internet 1
no sh
int f1/0
no sh
ip vrf forwading NET_G2
ip add 172.16.12.2 255.255.255.252
description Internet 2
no sh
int f2/0
no sh
int f2/0.10
encapsulation dot1q 10
ip vrf for NET_G1
ip add 192.168.14.1 255.255.255.252
int f2/0.20
encapsulation dot1q 20
ip vrf for NET_G2
ip add 192.168.14.1 255.255.255.252
int f3/0
no sh
int f3/0.10
encapsulation dot1q 10
ip vrf for NET_G1
ip add 192.168.15.1 255.255.255.252
int f3/0.20
encapsulation dot1q 20
ip vrf for NET_G2
ip add 192.168.15.1 255.255.255.252
R4
int f0/0
no sh
int f0/0.10
encapsulation dot1q 10
ip vrf for NET_G1
ip add 192.168.14.2 255.255.255.252
int f0/0.20
encapsulation dot1q 20
ip vrf for NET_G2
ip add 192.168.14.2 255.255.255.252
int lo0
ip vrf for NET_G1
ip add 192.168.1.1 255.255.255.0
description sale
int lo1
ip vrf for NET_G2
ip add 192.168.2.1 255.255.255.0
description HR
R5
int f0/0
no sh
int f0/0.10
encapsulation dot1q 10
ip vrf for NET_G1
ip add 192.168.15.2 255.255.255.252
int f0/0.20
encapsulation dot1q 20
ip vrf for NET_G2
ip add 192.168.15.2 255.255.255.252
int lo0
ip vrf for NET_G1
ip add 192.168.3.1 255.255.255.0
description MKT
int lo1
ip vrf for NET_G2
ip add 192.168.4.1 255.255.255.0
description IT
Let configure the ospf routing.Please make sure the router ID must different.
R1
router ospf 1 vrf NET_G1
router-id 1.1.1.1
net 192.168.14.0 0.0.0.3 area 0
net 192.168.15.0 0.0.0.3 area 0
router ospf 2 vrf NET_G2
router-id 1.1.1.2
net 192.168.14.0 0.0.0.3 area 0
net 192.168.15.0 0.0.0.3 area 0
R4
router ospf 1 vrf NET_G1
router-id 1.1.4.1
net 192.168.1.0 0.0.0.255 area 0
net 192.168.14.0 0.0.0.3 area 0
router ospf 2 vrf NET_G2
router-id 1.1.4.2
net 192.168.2.0 0.0.0.255 area 0
net 192.168.14.0 0.0.0.3 area 0
R5
router ospf 1 vrf NET_G1
router-id 1.1.5.1
net 192.168.3.0 0.0.0.255 area 0
net 192.168.15.0 0.0.0.3 area 0
router ospf 2 vrf NET_G2
router-id 1.1.5.2
net 192.168.4.0 0.0.0.255 area 0
net 192.168.15.0 0.0.0.3 area 0
Now we can verify the each vrf routing table
R1#sh ip route vrf NET_G1
Gateway of last resort is not set
192.168.14.0/30 is subnetted, 1 subnets
C 192.168.14.0 is directly connected, FastEthernet2/0.10
192.168.15.0/30 is subnetted, 1 subnets
C 192.168.15.0 is directly connected, FastEthernet3/0.10
10.0.0.0/30 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, FastEthernet0/0
O 192.168.1.0/24 [110/2] via 192.168.14.2, 00:43:09, FastEthernet2/0.10
O 192.168.3.0/24 [110/2] via 192.168.15.2, 00:43:09, FastEthernet3/0.10
R1#sh ip route vrf NET_G2
Gateway of last resort is not set
192.168.14.0/30 is subnetted, 1 subnets
C 192.168.14.0 is directly connected, FastEthernet2/0.20
192.168.15.0/30 is subnetted, 1 subnets
C 192.168.15.0 is directly connected, FastEthernet3/0.20
O 192.168.4.0/24 [110/2] via 192.168.15.2, 00:43:45, FastEthernet3/0.20
O 192.168.2.0/24 [110/2] via 192.168.14.2, 00:43:45, FastEthernet2/0.20
For internet using default route is needed. So let make it.
ip route vrf NET_G1 0.0.0.0 0.0.0.0 10.10.10.1
ip route vrf NET_G2 0.0.0.0 0.0.0.0 172.16.12.1
R1#sh ip route vrf NET_G1 static
S* 0.0.0.0/0 [1/0] via 10.10.10.1
R1#sh ip route vrf NET_G2 static
S* 0.0.0.0/0 [1/0] via 172.16.12.1
Ok, let check from R4 and R5
R4#sh ip route vrf NET_G1
Gateway of last resort is not set
192.168.14.0/30 is subnetted, 1 subnets
C 192.168.14.0 is directly connected, FastEthernet0/0.10
192.168.15.0/30 is subnetted, 1 subnets
O 192.168.15.0 [110/2] via 192.168.14.1, 00:48:19, FastEthernet0/0.10
C 192.168.1.0/24 is directly connected, Loopback0
O 192.168.3.0/24 [110/3] via 192.168.14.1, 00:48:19, FastEthernet0/0.10
R5#sh ip route vrf NET_G2
Gateway of last resort is not set
192.168.15.0/30 is subnetted, 1 subnets
C 192.168.15.0 is directly connected, FastEthernet0/0.20
192.168.14.0/30 is subnetted, 1 subnets
O 192.168.14.0 [110/2] via 192.168.14.1, 00:46:57, FastEthernet0/0.20
O 192.168.2.0/24 [110/3] via 192.168.14.1, 00:46:57, FastEthernet0/0.20
C 192.168.4.0/24 is directly connected, Loopback1
Gateway of last resort is not set that mean R4 and R5 don't have gateway.
Let inject the default route to OSPF.
R1
router ospf 1
default-information originate
exit
router ospf 2
default-information originate
Verify the R4 and R5 routing tables.
R4#sh ip route vrf NET_G1
Gateway of last resort is 192.168.14.1 to network 0.0.0.0
192.168.14.0/30 is subnetted, 1 subnets
C 192.168.14.0 is directly connected, FastEthernet0/0.10
192.168.15.0/30 is subnetted, 1 subnets
O 192.168.15.0 [110/2] via 192.168.14.1, 00:02:58, FastEthernet0/0.10
C 192.168.1.0/24 is directly connected, Loopback0
O 192.168.3.0/24 [110/3] via 192.168.14.1, 00:02:58, FastEthernet0/0.10
O*E2 0.0.0.0/0 [110/1] via 192.168.14.1, 00:02:58, FastEthernet0/0.10
R5#sh ip route vrf NET_G2
Gateway of last resort is 192.168.15.1 to network 0.0.0.0
192.168.14.0/30 is subnetted, 1 subnets
O 192.168.14.0 [110/2] via 192.168.15.1, 00:04:37, FastEthernet0/0.20
192.168.15.0/30 is subnetted, 1 subnets
C 192.168.15.0 is directly connected, FastEthernet0/0.20
C 192.168.4.0/24 is directly connected, Loopback1
O 192.168.2.0/24 [110/3] via 192.168.15.1, 00:04:37, FastEthernet0/0.20
O*E2 0.0.0.0/0 [110/1] via 192.168.15.1, 00:03:16, FastEthernet0/0.20
Now we can use internet. Actually we need to config NAT but let skip on this post.
R4
R4#ping vrf NET_G1 10.10.10.2 so lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/11/12 ms
R4#ping vrf NET_G1 10.10.10.2 so lo1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
Packet sent with a source address of 192.168.2.1
.....
Success rate is 0 percent (0/5)
Comments
Post a Comment