I am creating a multi-part series that focuses on Layer 3 network segmentation. This post serves as a landing point and aggregation place for these topics. As the series is built out, the individual links will be available below.
Articles in this Series
- Article 1 – Basic L3 Segmentation with VRFs
- Article 2 – Extending L3 Segmentation with VRF-lite
- Article 3 – Creating a Shared Services VRF
- Article 4 – VRF-lite in a DMVPN Network
- Article 5 – Stateful Inter-Vrf connectivity
The basic topology is shown below. Each article will consist of the configuration information and relevant validation. This should serve as a very good starting point for anyone struggling with building out a common network with strict security zones requiring areas of isolation.
Other Articles about VRFs
- VRFing 101, Understing VRF Basics
- VRFing 102, Providing Internet Access With Dynamic PAT
- VRFing 103, Using NAT Virtual Interfaces for Global Reachability
- Using a GRE Tunnel VRF to Separate the Physical Interface
- Combining GRE and IPSec with a Front Side VRF
- Voice Gateway and Voice VRF – Caveats
Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This
may or may does not reflect the position of past, present or future employers.