Lesson 2: How to Configure Inter-VRF Transit Routing
In lesson two of this ACI training series, Daniel Pita continues his demonstration of configuring ACI Transit Routing with the second use case scenario, how to configure Inter-VRF Transit Routing. The following additional informational resources are provided in this lesson.
- A Virtual Routing and Forwarding (VRF) object or context is a tenant network (called a private network in the APIC GUI). A tenant can have multiple VRFs. A VRF is a unique Layer 3 forwarding and application policy domain.
- Normal transit routing is limited to a single VRF
- As of ACI version 2.2.2, transit routing can be configured between two L3 outs in different VRFs. Essentially route leaking between two distinct external routed domains.
- Inter-VRF Transit Routing configurations are similar to that of Single VRF configurations
- L3 Out EPG requires Shared Security Import and Shared Route Control setting enabled
- EPG is a logical entity that contains a collection of physical or virtual network endpoints. In Cisco ACI, endpoints are devices connected to the network directly or indirectly. They have an address (identity), a location, attributes (e.g., version, patch level), and can be physical or virtual. Endpoint examples include servers, virtual machines, storage, or clients on the Internet.
- Contracts need Global Scope enabled for successful route leaking
- Contracts are rules that specify what and how communication in a network is allowed. Contracts specify how communications between EPGs take place. Contract scope can be limited to the EPGs in an application profile, a tenant, a VRF, or the entire fabric.