Configuring a complex inter-VRF solution

Connected routes associated with VRF green are redistributed into BGP, and also advertised to the external BGP neighbor router. VRF green has an i-BGP peering relationship to its neighbor as the neighbor ASN is the same (ASN 100). BGP routes learned from the external i-BGP neighbor are added to BGP 100. As the connection is i-BGP (not e-BGP), the BGP command next-hop-self is required to ensure the next-hop IP address is modified for each prefix advertised to the external i-BGP peer. The next hop address becomes the VRF green vlan2 ip address ‘192.168.20.1’. Without this command inter-VRF routes advertised to the external i-BGP peer would retain the original next-hop IP address associated with VRF shared.

For example, the i-BGP standard dictates that without the command next-hop-self,the VRF shared route 192.168.44.0/24 leaked into VRF green would be advertised to the external VRF green i-BGP peer retaining the original VRF shared next-hop IP 192.168.100.2, instead of being modified to become the VRF green vlan2 IP 192.168.20.1.

The e-BGP standard dictates that the next-hop IP is automatically modified when advertising a prefix to an e-BGP neighbor, so the command next-hop-self is not required for external e- BGP peering relationships.

The default-originate command is required to ensure BGP redistributes the VRF green static default route to VRF green external i-BGP neighbor.

Connected routes and RIPv2 routes associated with VRF blue are imported and redistributed into BGP to be leaked to VRF shared.

Connected routes, OSPF instance 2 routes, and the static route associated with VRF orange are redistributed into BGP. VRF orange also has two static routes to orange router subnets 192.168.140.0/24 and 192.168.20.0/24. Only static route 192.168.140.0/24 is redistributed into BGP. Previously, VRF orange static route 192.168.20.0/24 was filtered via VRF export ACL as the network address range is also used elsewhere - with VRF green vlan2.

Connected routes and static routes associated with VRF shared are redistributed into BGP. VRF shared has static routes to external shared router networks 192.168.43.0/24, 192.168.44.0/24 and 192.168.45.0/24 as well as a static default route to the Internet. VRF shared has an e-BGP peering relationship to its internet-facing neighbor as the neighbor ASN is different (peer ASN = 300 instead of 100). The external Internet router learns routes to all networks associated with VRFs red, green, blue and orange via the e-BGP peering relationship.

Note: A unique AS number (ASN) is allocated to each AS for use in BGP routing. The numbers are assigned by IANA and the Regional Internet Registries (RIR), the same authorities that allocate IP addresses. There are public numbers, which may be used on the Internet and range from 1 to 64511, and private numbers from 64512 to 65535, which can be used within an organization.

Configure VRF-lite Page 55

Page 55
Image 55
Allied Telesis C613-16164-00 REV E manual Configure VRF-lite

C613-16164-00 REV E specifications

The Allied Telesis C613-16164-00 REV E is a robust networking device designed to enhance connectivity and communication within enterprise environments. Renowned for its reliability and efficiency, this device serves as an ideal choice for organizations seeking to improve their network infrastructure.

At its core, the C613-16164-00 REV E is a part of Allied Telesis' suite of products that adhere to high-performance standards. One of the main features is its support for both Layer 2 and Layer 3 networking, making it versatile enough to handle a variety of network configurations. This capability allows for seamless integration into different network architectures, whether for simple local area networks (LANs) or more advanced setups with routing capabilities.

Another significant characteristic of the C613-16164-00 REV E is its high-speed data transfer capabilities. With support for Gigabit Ethernet, the device ensures that data can be transmitted quickly and efficiently across the network. This is particularly important for businesses that rely on heavy data usage and need to maintain performance standards even during peak hours.

Additionally, the C613-16164-00 REV E features advanced security measures, including VLAN support and port security configurations, which help protect sensitive information and prevent unauthorized access. This is essential for businesses that handle confidential data and must comply with industry regulations.

In terms of manageability, the device supports SNMP (Simple Network Management Protocol), allowing for easy monitoring and management of network resources. Network administrators can efficiently manage the device and optimize performance with minimal effort, improving overall productivity.

The design of the C613-16164-00 REV E is also noteworthy; it is built for durability, often featuring a compact form factor that makes installation straightforward without compromising on performance. Its compatibility with various Allied Telesis products ensures that organizations can build a cohesive network ecosystem.

In conclusion, the Allied Telesis C613-16164-00 REV E stands out as an excellent networking solution characterized by its support for multiple networking layers, high-speed data transfer, and robust security features. Ideal for both small to medium enterprises and larger organizations, it helps ensure that businesses can maintain efficient and secure operations in a constantly evolving digital landscape.