Category:Cisco Systems -> Routing and Switching
So far VRF is useful for
1. L3 separation within the device which may come in handy with logical zoning with a single point of in/out through a firewall for example.
2. As an alternative for policy routing (source IP routing) where instead of creating multiple route-maps with source IP pools one can simply put the whole ip network into a VRF instance and have a unique alternative default route out of it for a specific VRF.
Basic VRF configuration template for L3 Cisco switches like 3750s, etc:
ip vrf A1
exit
int vlan 100
ip vrf forwarding A1
ip address 10.0.0.1 255.255.255.0
exit
int vlan 900
ip vrf forwarding A1
ip address 10.10.10.1 255.255.255.252
exit
ip route vrf A1 0.0.0.0 0.0.0.0 10.10.10.2
ip vrf A2
exit
int vlan 101
ip vrf forwarding A2
ip address 10.0.0.1 255.255.255.0
exit
int vlan 901
ip vrf forwarding A2
ip address 10.10.10.5 255.255.255.252
exit
ip route vrf A1 0.0.0.0 0.0.0.0 10.10.10.6
ping vrf A1 10.10.10.2
ping vrf A2 10.10.10.5
On Nexus:
vrf context A1
ip route 0.0.0.0/0 10.10.10.2
router ospf 1
vrf A1
router bgp 123456
vrf A1
interface vlan 100
vrf member A1
ip address 10.0.0.1 255.255.255.0
ping 10.10.10.2 vrf A1
sh ip route vrf A1
sh run vrf A1
etc.