Evil_TTL> show | s

VRF

Category:Cisco Systems -> Routing and Switching

So far VRF is useful for

1. L3 separation within the device which may come in handy with logical zoning with a single point of in/out through a firewall for example.
2. As an alternative for policy routing (source IP routing) where instead of creating multiple route-maps with source IP pools one can simply put the whole ip network into a VRF instance and have a unique alternative default route out of it for a specific VRF.

Basic VRF configuration template for L3 Cisco switches like 3750s, etc:

ip vrf A1
exit

int vlan 100
ip vrf forwarding A1
ip address 10.0.0.1 255.255.255.0
exit

int vlan 900
ip vrf forwarding A1
ip address 10.10.10.1 255.255.255.252
exit

ip route vrf A1 0.0.0.0 0.0.0.0 10.10.10.2

ip vrf A2
exit

int vlan 101
ip vrf forwarding A2
ip address 10.0.0.1 255.255.255.0
exit

int vlan 901
ip vrf forwarding A2
ip address 10.10.10.5 255.255.255.252
exit

ip route vrf A1 0.0.0.0 0.0.0.0 10.10.10.6 
ping vrf A1 10.10.10.2
ping vrf A2 10.10.10.5 

On Nexus:

vrf context A1
 ip route 0.0.0.0
/0 10.10.10.2

router ospf 1
 vrf A1

router bgp 123456
 vrf A1

interface vlan 100
 vrf member A1
 ip address 10.0.0.1 255.255.255.0 
ping 10.10.10.2 vrf A1
sh ip route vrf A1
sh run vrf A1

etc
By privilege15