This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Inter-VRF routing on singular Router

S4mrai
New Contributor

‎04-02-2024 08:26 AM

Hi, I have a ICX-7450 stack with 5 members running L3 Code with L3-prem license.

I have a default VRF on  VE1 (VLAN 1) and a Non-default VRF on VE 200 (VLAN 200)

I want to allow traffic between VLAN 1 Networks and VLAN 200 Networks :

config excpert:

vlan 1 name DEFAULT by port
 router-interface ve 1
 spanning-tree 802-1w

vlan 200 name clientx by port
 ### Here would be the tagged ports
 router-interface ve 200
 spanning-tree 802-1w

vrf clientx
 rd 11:11
 ip router-id 10.30.0.16
 address-family ipv4
 ip route 0.0.0.0/0 10.30.0.254
 ip route 172.16.100.0/24 ve 1
 exit-address-family
 exit-vrf

ip router-id 172.18.10.16
ip route 0.0.0.0/0 172.18.10.254
ip route 10.30.0.0/24 ve 200


interface ve 1
 ip address 172.18.10.16 255.255.255.0


interface ve 200
 vrf forwarding clientx
 ip address 10.30.0.16 255.255.255.0



I just want clients from the default vrf (172.18.10.0/24) to be able to communicate with the clientx vrf (10.30.0.0/24)
Documentation is telling me that VRF Route leaking works by selecting the respective exit interface of the vrf but it doesn't work. Clients cannot reach each other.

I think I am dumb, in cisco I would just use the "import maps" but this is my first time vrf on Ruckus.

(please note: Networks are changed and very simplified in this example, each vrf has more routes which the other side should not see. I only specified the one network which we want inter-Vrf connectivity . This L3 Router is also the gateway for the cleints in their respective vlans.)

0 Kudos
10 REPLIES 10

Chandini
RUCKUS Team Member

‎04-02-2024 09:38 AM

Hi S4mrai

Thank you for reaching us.

Could you please let me know if this is a new setup ?

Could you share the below output ?

  • show ip route vrf clientx
  • ping vrf clientx 10.30.0.16
  • ping vrf clientx 172.18.10.16

Thanks 

0 Kudos

S4mrai
New Contributor

‎04-03-2024 05:16 AM

Thank you for the fast reply.

SSH@core#show ip route vrf client x
Total number of IP routes: 2
Type Codes - B:BGP D:Connected O:OSPF R:RIP S:Static; Cost - Dist/Metric
BGP Codes - i:iBGP e:eBGP
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2
STATIC Codes - v:Inter-VRF
Destination Gateway Port Cost Type Uptime
1 0.0.0.0/0 10.30.0.254 ve 200 1/1 S 0m5s
2 10.30.0.0/24 DIRECT ve 200 0/0 D 7d21h
3 172.18.10.0/24 DIRECT ve 1 1/1 Sv 0m5s

 

SSH@core#ping vrf clientx 10.30.0.16
Ping self done.

SSH@core#ping vrf clientx 172.18.10.16
Sending 1, 16-byte ICMP Echo to 172.18.10.16, timeout 5000 msec, TTL 64
Type Control-c to abort
Request timed out.
No reply from remote host.

0 Kudos

S4mrai
New Contributor

‎04-03-2024 05:20 AM

also please ignore this typo ip route 172.16.100.0/24 ve 1 this route was ip route 172.18.10.0/24 ve 1 instead, I just anonymized our networks and misstyoped. I made shure that the routes from default to vrf and vice-versa have the correct networks.

But I still cannot ping from ve200 to ve 1. 

0 Kudos

Chandini
RUCKUS Team Member

‎04-05-2024 10:23 AM

Hi S4mrai

Thank you for sharing the details. 

In the vrf routing table looks like information is populating. Could you try to add the below command to ve 1 also and check

interface ve 1
 vrf forwarding clientx

Thanks 

0 Kudos
Copyright © 2024 Khoros, LLC