Example C

Inter-VRF configuration examples with Internet access

Intranet

remote1

Intranet

route

remote2

Internet

VRF

static

Router

Private to

VRF2

route

11re

public NAT

VRFote

1 b

mote

VLAN

Intranet

1 c

2 2

mote

route

VLAN

248re

1 d

mote

fault

VLAN

mVRFote

mote

2 b

VLAN

mote

ote

VLAN

mVLAN

101

VRF

VRF4

VLANshared3

200

route

shared3

_100

RIP

VLAN

LANshared3

shared3

102

fice4VRF

fice4

VLAN_

COMMUNICATION PLAN

VRF3 has communication with VRF1

VRF3 has communication with VRF2

No communication between:

VRF1 and VRF2

VRF1 and VRF4

VRF2 and VRF4

VRF3 and VRF4

Intranet remote1 and Intranet remote2 have IP address plan overlapping (vlan 10 and vlan20 respectively). There is no inter-VRF communication from VRF3 to overlapping networks associated with vlan10 and vlan20.

Inter-VRF communication is limited to connected interface routes only.

Inter-VRF communications (VLAN to VLAN) are handled by dynamic inter-VRF routing.

VRF1 and VRF2 can both access the Internet via shared VRF3 vlan100, however additional HW ACLs are now required to prevent data from VRF1 being routed via Internet access router back to VRF2 and vice-versa.

Page 40 Configure VRF-lite

Allied Telesis C613-16164-00 REV E manual Example C

Models: C613-16164-00 REV E

Example C