
rare-dev - [rare-dev] Routing Internet by tunnel configuration

Subject: Rare project developers

  • From: Gabriel Tetzner
  • Subject: [rare-dev] Routing Internet by tunnel configuration
  • Date: Tue, 15 Nov 2022 13:30:14 -0300

Hi all,

sorry for the inconvenience and I know that everyone must be busy,

I managed to make a wireguard client recognize our vxlan's tunnel infrastructure and reach another router from another available network, but I need to advance in one thing...

Everything I am doing is separated into a vrf called VXLAN, but there is a global vrf called INET that freeRouter creates when it is installed in the virtual machine.

My global INET vrf has output to the Internet via an Ethernet1 interface that points to an outbound gateway. Now consider that I want my other VXLAN vrf to have output to the Internet so that I have external connectivity in my routes.

I thought about creating a second eth2 interface and linking it with pcapInt afterwards. I haven't done that yet, as I tried using a tapInt by default, and in my research I saw that there is a way to import the routes from one vrf to the other, which I think is what they call leaking, not sure.

Well, my question is: how can I make this vrf VXLAN communicate with the output (gateway), using some means that is possible for this?

And on that note...
The context of this is that I am looking for isolation of my network and for it to point to the Internet afterwards. I need this to do tests with SD-WAN as well, since I believe vpdn needs an output to reach the destination target of the SD-WAN server.

Here are some configurations:

prefix-list vrf_inet
 sequence 10 permit 0.0.0.0/0 ge 0 le 0
 exit              
!                  
route-map VRF_TO_NET
 sequence 10 action permit
 sequence 10 match prefix-list vrf_inet
 !                
 exit              
!                  
route-map VRFINET_TO_VXLAN
 sequence 10 action permit
 sequence 10 match prefix-list vrf_inet
 !                
 exit              
!
vrf definition inet
 rd 200:200        
 import4map VRF_TO_NET
 export4map VRFINET_TO_VXLAN
 exit              
!                              
vrf definition vxlan
 description vxlan vrf isolation
 rd 100:100        
 import4map VRFINET_TO_VXLAN
 export4map VRF_TO_NET
 exit              
interface ethernet1
 description uplink     
 vrf forwarding inet
 ipv4 address dynamic dynamic
 ipv4 gateway-prefix all4
 ipv4 dhcp-client enable
 ipv4 dhcp-client early
 ipv6 address dynamic dynamic
 ipv6 gateway-prefix all6
 ipv6 slaac-client enable
 ipv6 prefix-suppress
 router eigrp4 2 enable
 no shutdown      
 no log-link-change
 exit              
!
vcpe1#show ipv4 route inet                                                    
typ  prefix             metric  iface          hop            time
DEF  0.0.0.0/0          0/2     ethernet1      200.x.x.65  00:00:21
C    10.255.255.0/24    0/0     ethernet20001  null           12:05:01
LOC  10.255.255.254/32  0/1     ethernet20001  null           12:05:01
C    200.x.x.64/28   0/0     ethernet1      null           00:00:21
REM  200.x.x.65/32   0/0     ethernet1      200.x.x.65  00:00:21
LOC  200.x.x.69/32   0/1     ethernet1      null           00:00:21
 
vcpe1#show ipv4 route vxlan                                                    
typ  prefix            metric  iface      hop   time
C    10.0.0.0/24       0/0     tunnel2    null  12:09:08
LOC  10.0.0.2/32       0/1     tunnel2    null  12:09:08
C    124.0.2.0/28      0/0     tunnel1    null  12:09:08
LOC  124.0.2.2/32      0/1     tunnel1    null  12:09:08
C    200.x.x.85/32  0/0     ethernet2  null  11:27:19

This ethernet2 is the interface I tried to create ;)

Best regards,
Gabriel Tetzner Menegueti.
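
Added example, not part of the original message and not freeRouter code: a small Python check of which routes in the inet table the posted prefix-list (0.0.0.0/0 ge 0 le 0) would let through a leak policy, and whether the vxlan table holds a default route yet. It assumes ge/le bound the mask length in the usual way; the route tables are constructed samples modelled on the output above, with 203.0.113.x standing in for the redacted 200.x.x addresses.

```python
import ipaddress

def prefix_list_permits(route, base, ge, le):
    """True if `route` lies inside `base` and its mask length is within [ge, le]."""
    net = ipaddress.ip_network(route)
    return net.subnet_of(ipaddress.ip_network(base)) and ge <= net.prefixlen <= le

def parse_routes(show_output):
    """Return the prefix column of 'show ipv4 route <vrf>' text (header skipped)."""
    prefixes = []
    for line in show_output.strip().splitlines()[1:]:
        fields = line.split()
        if len(fields) >= 2:
            prefixes.append(fields[1])
    return prefixes

# Constructed sample tables (addresses are documentation placeholders).
INET_ROUTES = """\
typ  prefix             metric  iface          hop            time
DEF  0.0.0.0/0          0/2     ethernet1      203.0.113.65   00:00:21
C    10.255.255.0/24    0/0     ethernet20001  null           12:05:01
LOC  10.255.255.254/32  0/1     ethernet20001  null           12:05:01
C    203.0.113.64/28    0/0     ethernet1      null           00:00:21
"""
VXLAN_ROUTES = """\
typ  prefix        metric  iface    hop   time
C    10.0.0.0/24   0/0     tunnel2  null  12:09:08
C    124.0.2.0/28  0/0     tunnel1  null  12:09:08
"""

def leak_candidates(show_output, base="0.0.0.0/0", ge=0, le=0):
    """Prefixes the prefix-list would permit; defaults mirror 'vrf_inet' above."""
    return [p for p in parse_routes(show_output)
            if prefix_list_permits(p, base, ge, le)]

def has_default(show_output):
    """True if the table already contains a default route."""
    return "0.0.0.0/0" in parse_routes(show_output)

if __name__ == "__main__":
    print("permitted from inet:", leak_candidates(INET_ROUTES))
    print("vxlan has default route:", has_default(VXLAN_ROUTES))
    # A looser list (le 32) would also expose the internal prefixes.
    print("with le 32:", leak_candidates(INET_ROUTES, le=32))
```

With the posted list only the default route qualifies, so the internal 10.255.255.0/24 prefix stays out of the other vrf; widening le is what would break the isolation.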



