VRF question for CCNP
-
ip nat pool Cust2Top 192.168.64.3 192.168.64.3 netmask 255.255.255.0
ip nat pool Cust2Bot 192.168.64.4 192.168.64.4 netmask 255.255.255.0
ip nat inside source list 1 pool Cust2Top overload
ip nat inside source list 2 pool Cust2Bot overload
ip route 0.0.0.0 0.0.0.0 192.168.64.1
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh server algorithm authentication password
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
ipv6 ioam timestamp
!
!
access-list 1 permit 172.16.32.0 0.0.0.3
access-list 2 permit 172.16.16.0 0.0.0.3 -
My problem with some of your content is the lack of completeness. Seems like you go 60-70% of the way there and leave the rest up to us to figure out. I used NAT and global routes to get it to work. Could you add a section for your sh run on each device so we can look at them after each show?
-
The problem again is that we covered NAT in a different episode already. On VRF, you normally don't seen it run unless you're in the service provider side of things. This show doesn't concentrate on the CCNP SP exams. So even with this, we would only see that full configuration as you've suggested from the Service Provider side.
On the episode, I configured two different VRFs, with two different sources and two separate hosts and ran the routing protocol for each VRF and showed it operationally working. Configuring VRF itself is not the objective here, It is only VRF-lite which is the focus of the episode. I try not to add complexity so that the focus is on setting up that topic and not explaining how everything else needs to work before it will work too. Hope this helps you to understand the process.
-
@ronnie-wong You are always a great help. When I took the CCNP exam a few months ago and failed it, it was a shock on how many questions were not in the books or videos on our site. I have been going through each topic and doing VIRL Sims on them. It would be great to see your finished sh runs with it working. Yes, I need to know one side of many topics for the CCNP. You can't get them properly working in a Sim without the other side done too.
-
https://wp.scsiraidguru.com/?page_id=1191
Here is the Simulation, Sh Run, Sh IP Route, Sh IP Route VRF files.
-
I like the new Cisco CCNP VRF-Lite Video done my Ronnie Wong. I hope my finished VRF project I attached using NAT with OSPF helps.
-
@michael-mckenney,
Thanks for sharing your lab! -
I thought it might help your users with the CCNP.
I started watching your new videos. I took your VRF-Lite video and did it for OSPF and working on EIGRP.. I am getting it so it can ping to the outside world from Cisco VIRL and going to work on getting TFTP to work with it.
I am watching your new VRF-Lite video. I saw you use 10.16.10.0 255.255.255.254. I had to look it up. I see it is described as a point to point connection. I love the new videos.
-
I watched Ronnie's new VRF-Lite video on CCNP Route. I did this simulation in Cisco VIRL
https://wp.scsiraidguru.com/?page_id=1239
This one is VRF-Lite with EIGRP. I am completing VRF-Lite for OSPF soon on my web site. It doesn't allow me to use default-information originate so I did a lot of ip route and ip route vrf statements to get in and out.
ip tftp source-interface g0/x allowed me to TFTP to my workstation.
sh run | redirect tftp://192.168.1.240/iosv1_ShRun.txt send iosv-1's sh run to a text file on my TFTP server. Speeds up building the simulations on my web page.
I added a few things for completeness. FLAT-1 connects to the 172.16.1..0 network on my Fortinet 60E. VIRL allows me to reach the real world. I setup IP TFTP source-interface g0/x to TFTP to my workstation.
172.16.1.1 is the 60E interface and 192.168.1.240 is my workstation.
I configured inbound and outbound IP routes for VRF to get to my workstation. Each router has loopbacks for HR and ACCT.
I did learn something new 10.16.10.0 / 255.255.255.254 is point to point.
-
https://wp.scsiraidguru.com/?page_id=1262
Here is the link for VRF using OSPF. This simulation is VRF for departments using OSPF. I have setup HR and ACCT to be separated. I also setup the routes to get out to my TFTP server, my workstation. Sh run | redirect tftp://192.168.1.240/iosv1_ShRun.txt so I could send the files below to my workstation.
