cancel
Showing results for 
Search instead for 
Did you mean: 

Inter-VRF routing on singular Router

S4mrai
New Contributor

Hi, I have a ICX-7450 stack with 5 members running L3 Code with L3-prem license.

I have a default VRF on  VE1 (VLAN 1) and a Non-default VRF on VE 200 (VLAN 200)

I want to allow traffic between VLAN 1 Networks and VLAN 200 Networks :

config excpert:

vlan 1 name DEFAULT by port
 router-interface ve 1
 spanning-tree 802-1w

vlan 200 name clientx by port
 ### Here would be the tagged ports
 router-interface ve 200
 spanning-tree 802-1w

vrf clientx
 rd 11:11
 ip router-id 10.30.0.16
 address-family ipv4
 ip route 0.0.0.0/0 10.30.0.254
 ip route 172.16.100.0/24 ve 1
 exit-address-family
 exit-vrf

ip router-id 172.18.10.16
ip route 0.0.0.0/0 172.18.10.254
ip route 10.30.0.0/24 ve 200


interface ve 1
 ip address 172.18.10.16 255.255.255.0


interface ve 200
 vrf forwarding clientx
 ip address 10.30.0.16 255.255.255.0



I just want clients from the default vrf (172.18.10.0/24) to be able to communicate with the clientx vrf (10.30.0.0/24)
Documentation is telling me that VRF Route leaking works by selecting the respective exit interface of the vrf but it doesn't work. Clients cannot reach each other.

I think I am dumb, in cisco I would just use the "import maps" but this is my first time vrf on Ruckus.

(please note: Networks are changed and very simplified in this example, each vrf has more routes which the other side should not see. I only specified the one network which we want inter-Vrf connectivity . This L3 Router is also the gateway for the cleints in their respective vlans.)

10 REPLIES 10

Chandini
RUCKUS Team Member

Hi S4mrai

Thank you for reaching us.

Could you please let me know if this is a new setup ?

Could you share the below output ?

  • show ip route vrf clientx
  • ping vrf clientx 10.30.0.16
  • ping vrf clientx 172.18.10.16

Thanks 

S4mrai
New Contributor

Thank you for the fast reply.

SSH@core#show ip route vrf client x
Total number of IP routes: 2
Type Codes - B:BGP D:Connected O:OSPF R:RIP S:Static; Cost - Dist/Metric
BGP Codes - i:iBGP e:eBGP
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2
STATIC Codes - v:Inter-VRF
Destination Gateway Port Cost Type Uptime
1 0.0.0.0/0 10.30.0.254 ve 200 1/1 S 0m5s
2 10.30.0.0/24 DIRECT ve 200 0/0 D 7d21h
3 172.18.10.0/24 DIRECT ve 1 1/1 Sv 0m5s

 

SSH@core#ping vrf clientx 10.30.0.16
Ping self done.

SSH@core#ping vrf clientx 172.18.10.16
Sending 1, 16-byte ICMP Echo to 172.18.10.16, timeout 5000 msec, TTL 64
Type Control-c to abort
Request timed out.
No reply from remote host.

S4mrai
New Contributor

also please ignore this typo ip route 172.16.100.0/24 ve 1 this route was ip route 172.18.10.0/24 ve 1 instead, I just anonymized our networks and misstyoped. I made shure that the routes from default to vrf and vice-versa have the correct networks.

But I still cannot ping from ve200 to ve 1. 

Chandini
RUCKUS Team Member

Hi S4mrai

Thank you for sharing the details. 

In the vrf routing table looks like information is populating. Could you try to add the below command to ve 1 also and check

interface ve 1
 vrf forwarding clientx

Thanks