User's Manual
Inter-VRF configuration examples with Internet access
Page 40 | Configure VRF-lite
Example C
Intranet
remote1
VRF1
Intranet 1 static route
Intranet
remote2
Internet default route
VRF2
RIP Intranet route
VRF4
RIP route
Internet
Router
Private to
public NAT
VRF1
remote1
VLAN 10
remote1_a
VLAN 11
remote1_b
VLAN 12
remote1_c
VLAN 13
remote1_d
VLAN 90
remote1_e
VRF2
remote2
VLAN 20
remote2_a
VLAN 248
remote2_b
VRF3
shared3
VLAN 100
shared3_a
VLAN 101
shared3_b
LAN 102
shared3_c
VRF4
ofce4
VLAN 200
ofce4_a
COMMUNICATION PLAN
VRF3 has communication with VRF1
VRF3 has communication with VRF2
No communication between:
VRF1 and VRF2
VRF1 and VRF4
VRF2 and VRF4
VRF3 and VRF4
Intranet remote1 and Intranet remote2 have IP address plan overlapping (vlan 10 and vlan20
respectively). There is no inter-VRF communication from VRF3 to overlapping networks associated
with vlan10 and vlan20.
Inter-VRF communication is limited to connected interface routes only.
Inter-VRF communications (VLAN to VLAN) are handled by dynamic inter-VRF routing.
VRF1 and VRF2 can both access the Internet via shared VRF3 vlan100, however additional HW ACLs
are now required to prevent data from VRF1 being routed via Internet access router back to VRF2
and vice-versa.