Wednesday, February 27, 2019

VRF Help

I posted this question a few months ago: Multiple IPs in the same subnet

I've decided the best route is to use VRFs with the overlapping IPs. I have set up two routers with the IPs configured and the IP routes in the VRFs.

If I do:

    interface GigabitEthernet1/0.1
     description VRF1
     encapsulation dot1Q 1 native
     ip vrf forwarding VRF1
     ip address xxx.xxx.xxx.xxx 255.255.255.240
    interface GigabitEthernet1/0.2
     description VRF2
     encapsulation dot1Q 2
     ip vrf forwarding VRF2
     ip address xxx.xxx.xxx.xxx 255.255.255.240

I can ping the other side router (which would be another provider) from VRF1, but not from VRF2.

Ultimately, I can only ping from whatever subinterface has encapsulation set to vlan 1.

Does anyone have an idea why this isn't working for me?

Edit:

Here is a drawing: https://imgur.com/a/yfWuthK

Some background: we run IPSec tunnels to each provider. Currently, one provider VPN tunnel terminates on the ISR I have, the second provider terminates on an ASA. I want them both to terminate on the ISR. Both with public IP addresses. Both providers have some odd reasons for not changing the peer IDs, so I'm trying to figure out how to point each provider at the public IP that was assigned to them during the initial setup. One solution, since they have different routing tables, is to use VRFs. But, I can only ping the provider that has the VRF encapsulation set to vlan 1. If there is another way, I would be interested in it.


