Cisco NX-OS/IOS Layer-3 Virtualization Comparison
From DocWiki
| Line 14: | Line 14: | ||
* Cisco NX-OS supports 1000 VRF instances per chassis consisting of 250 VRF instances per VDC with 4 VDCs (994 VRF instances can be configured in 1 VDC). | * Cisco NX-OS supports 1000 VRF instances per chassis consisting of 250 VRF instances per VDC with 4 VDCs (994 VRF instances can be configured in 1 VDC). | ||
* Two VRF instances are configured by default. The management port on the supervisor module is assigned to the '''management''' VRF, and all I/O module ports are assigned to the '''default''' VRF. | * Two VRF instances are configured by default. The management port on the supervisor module is assigned to the '''management''' VRF, and all I/O module ports are assigned to the '''default''' VRF. | ||
| - | * The '''default''' VRF is the default routing context for all '''show''' commands. | + | * The '''default''' VRF instance is the default routing context for all '''show''' commands. |
| - | * VRF instances can be enabled without any command-line interface (CLI) prerequisites. Cisco IOS Software requires '''ip cef''' to be enabled globally before VRF | + | * VRF instances can be enabled without any command-line interface (CLI) prerequisites. Cisco IOS Software requires '''ip cef''' to be enabled globally before a VRF instance can be configured. |
* Multicast routing/forwarding can be configured per VRF instance without having to globally enable the VRF instance for multicast . Cisco IOS Software requires the global '''ip multicast-routing vrf ''<name>'' ''' command per VRF instance. | * Multicast routing/forwarding can be configured per VRF instance without having to globally enable the VRF instance for multicast . Cisco IOS Software requires the global '''ip multicast-routing vrf ''<name>'' ''' command per VRF instance. | ||
* The CLI for enabling VRF routing for a protocol is consistent for all routing protocols, whereas Cisco IOS Software uses address families for Border Gateway Protocol (BGP), Routing Information Protocol (RIP), and Enhanced Interior Gateway Routing Protocol (EIGRP) and requires unique routing process IDs per VRF for Integrated Intermediate System-to-Intermediate System (ISIS) and Open Shortest Path First (OSPF). | * The CLI for enabling VRF routing for a protocol is consistent for all routing protocols, whereas Cisco IOS Software uses address families for Border Gateway Protocol (BGP), Routing Information Protocol (RIP), and Enhanced Interior Gateway Routing Protocol (EIGRP) and requires unique routing process IDs per VRF for Integrated Intermediate System-to-Intermediate System (ISIS) and Open Shortest Path First (OSPF). | ||
| Line 21: | Line 21: | ||
* IP static routes are configured under the specified '''vrf context'''. In Cisco IOS Software, all static routes are configured in global configuration mode with the '''vrf''' option. | * IP static routes are configured under the specified '''vrf context'''. In Cisco IOS Software, all static routes are configured in global configuration mode with the '''vrf''' option. | ||
* A VRF instance can be manually disabled with the '''shutdown''' command. Cisco IOS Software does not have the CLI capability to manually disable a VRF instance. | * A VRF instance can be manually disabled with the '''shutdown''' command. Cisco IOS Software does not have the CLI capability to manually disable a VRF instance. | ||
| - | * If a VRF context is removed with the '''no vrf context ''<name>'' '''configuration command, the VRF context commands will be removed from the running configuration making the VRF non-functional, but all non context related VRF commands will remain in the running configuration. When a VRF is removed in Cisco IOS Software, the VRF instance and all related VRF commands are automatically removed from the running configuration, including any interface IP addresses previously associated to the VRF. | + | * If a VRF context is removed with the '''no vrf context ''<name>'' '''configuration command, the VRF context commands will be removed from the running configuration making the VRF non-functional, but all non context related VRF commands will remain in the running configuration. When a VRF is removed in Cisco IOS Software, the VRF instance and all related VRF commands are automatically removed from the running configuration, including any interface IP addresses previously associated to the VRF instance. |
| Line 49: | Line 49: | ||
!width="475" align="center" |<font size = "5">'''''Cisco NX-OS CLI'''''</font> | !width="475" align="center" |<font size = "5">'''''Cisco NX-OS CLI'''''</font> | ||
|- | |- | ||
| - | |<font size = "3">'''Creating a VRF'''</font> | + | |<font size = "3">'''Creating a VRF Instance'''</font> |
|- | |- | ||
{| border="0" cellpadding="2" cellspacing="6" | {| border="0" cellpadding="2" cellspacing="6" | ||
| Line 108: | Line 108: | ||
network 192.168.10.0 | network 192.168.10.0 | ||
| - | auto-summary | + | no auto-summary |
autonomous-system 10 | autonomous-system 10 | ||
| Line 180: | Line 180: | ||
ip address 192.168.10.1/24 | ip address 192.168.10.1/24 | ||
| + | ip router ospf 10 area 0 | ||
| - | |||
router ospf 10 | router ospf 10 | ||
Revision as of 22:14, 13 January 2011
Objective
This tech note outlines the main differences in Layer 3 virtualization support between Cisco® NX-OS Software and Cisco IOS® Software. Sample configurations are included for Cisco NX-OS and Cisco IOS Software for some common features to demonstrate the similarities and differences. Please refer to the NX-OS documentation on Cisco.com for a complete list of supported features.
Virtualization Routing and Forwarding Overview
Virtual Routing and Forwarding (VRF) provides an additional layer of network virtualization on top of virtual device contexts (VDCs). VRF provides separate unicast and multicast address space and associated routing protocols that make independent forwarding decisions. All unicast and multicast protocols support VRF.
Important Cisco NX-OS and Cisco IOS Software Differences
In Cisco NX-OS:
- Cisco NX-OS supports 1000 VRF instances per chassis consisting of 250 VRF instances per VDC with 4 VDCs (994 VRF instances can be configured in 1 VDC).
- Two VRF instances are configured by default. The management port on the supervisor module is assigned to the management VRF, and all I/O module ports are assigned to the default VRF.
- The default VRF instance is the default routing context for all show commands.
- VRF instances can be enabled without any command-line interface (CLI) prerequisites. Cisco IOS Software requires ip cef to be enabled globally before a VRF instance can be configured.
- Multicast routing/forwarding can be configured per VRF instance without having to globally enable the VRF instance for multicast . Cisco IOS Software requires the global ip multicast-routing vrf <name> command per VRF instance.
- The CLI for enabling VRF routing for a protocol is consistent for all routing protocols, whereas Cisco IOS Software uses address families for Border Gateway Protocol (BGP), Routing Information Protocol (RIP), and Enhanced Interior Gateway Routing Protocol (EIGRP) and requires unique routing process IDs per VRF for Integrated Intermediate System-to-Intermediate System (ISIS) and Open Shortest Path First (OSPF).
- In Cisco NX-OS, numerous VRF instances can be assigned to a single routing protocol instance.
- IP static routes are configured under the specified vrf context. In Cisco IOS Software, all static routes are configured in global configuration mode with the vrf option.
- A VRF instance can be manually disabled with the shutdown command. Cisco IOS Software does not have the CLI capability to manually disable a VRF instance.
- If a VRF context is removed with the no vrf context <name> configuration command, the VRF context commands will be removed from the running configuration making the VRF non-functional, but all non context related VRF commands will remain in the running configuration. When a VRF is removed in Cisco IOS Software, the VRF instance and all related VRF commands are automatically removed from the running configuration, including any interface IP addresses previously associated to the VRF instance.
Things You Should Know
The following list provides some additional facts about Cisco NX-OS that should be helpful when configuring and maintaining VRF instances.
- When you assign a VRF instance to an interface with an IP address previously configured, the interface IP address is automatically removed.
- Static routes or dynamic routing protocols can be configured for routing in a VRF instance (BGP, EIGRP, ISIS, OSPF, static routes, and RIPv2).
- IP troubleshooting tools such as ping and traceroute are VRF aware and require the name of a specific VRF instance if testing in the default VRF instance is not desired.
- The routing-context vrf command can be executed in EXEC mode to change the routing context to a non-default VRF instance. For example, typing routing-context vrf management changes the routing context, so all VRF related commands are executed in the management VRF as opposed to the default VRF.
- Network management–related services such as authentication, authorization and accounting (AAA), Call Home, DNS, FTP, HTTP, NetFlow, NTP, PING, RADIUS, SCP, sFTP, SNMP, SSH, Syslog, TACACS+, TELNET, TFTP, Traceroute, and XML are VRF aware.
- The global configuration write erase boot command will erase the management VRF instance configuration. The write erase command without the boot option will not.
Configuration Comparison
The following sample code shows configuration similarities and differences between the Cisco NX-OS and Cisco IOS Software CLIs. Sample code is provided only to illustrate how to enable VRF routing. The Cisco NX-OS CLI is simpler and more consistent since it allows multiple VRF instances to be assigned to a single routing protocol instance, whereas Cisco IOS Software uses different techniques depending on the routing protocol.
| Cisco IOS CLI | Cisco NX-OS CLI | |
|---|---|---|
| Creating a VRF Instance |
| ip cef
ip vrf vrf-1 | vrf context vrf-1 |
|---|
| Assigning an Interface to a VRF |
| interface Ethernet2/1
ip vrf forwarding vrf-1 ip address 192.168.10.1 255.255.255.0 | interface Ethernet2/1
vrf member vrf-1 ip address 192.168.10.1/24 |
|---|
| Enabling BGP in a VRF |
| router bgp 10
neighbor 192.168.10.2 remote-as 20 neighbor 192.168.10.2 activate network 192.168.1.1 mask 255.255.255.255 exit-address-family | router bgp 10
vrf vrf-1 address-family ipv4 unicast network 192.168.1.1/32 neighbor 192.168.10.2 remote-as 20 address-family ipv4 unicast |
|---|
| Enabling EIGRP in a VRF |
| router eigrp 10
network 192.168.10.0 no auto-summary autonomous-system 10 exit-address-family! | interface Ethernet2/1
vrf member vrf-1 ip address 192.168.10.1/24 ip router eigrp 10
vrf vrf-1 |
|---|
| Enabling ISIS in a VRF |
| interface Ethernet2/1
ip vrf forwarding vrf-1 ip address 192.168.10.1 255.255.255.0 ip router isis 10
router isis 10 vrf vrf-1 net 49.0001.0000.0001.00 | interface Ethernet2/1
vrf member vrf-1 ip address 192.168.10.1/24 ip router isis 10
vrf vrf-1 net 49.0001.0000.0001.00 |
|---|
| Enabling OSPF in a VRF |
| interface Ethernet2/1
ip vrf forwarding vrf-1 ip address 192.168.10.1 255.255.255.0
network 192.168.10.0 0.0.0.255 area 0 | interface Ethernet2/1
vrf member vrf-1 ip address 192.168.10.1/24 ip router ospf 10 area 0
vrf vrf-1 |
|---|
| Enabling RIPv2 in a VRF |
| interface Ethernet2/1
ip vrf forwarding vrf-1 ip address 192.168.10.1 255.255.255.0
address-family ipv4 vrf vrf-1 network 192.168.10.0 version 2 exit-address-family | interface Ethernet2/1
vrf member vrf-1 ip address 192.168.10.1/24 ip router rip 10
vrf vrf-1 |
|---|
| Configuring Static Routes in a VRF |
| ip route vrf vrf-1 192.168.2.0 255.255.255.0 192.168.10.2 | vrf context vrf-1
ip route 192.168.2.0/24 192.168.10.2 |
|---|
Verification Command Comparison
The following table compares some useful show commands for verifying and troubleshooting VRF instances.
| Cisco NX-OS VRF | Cisco IOS Software VRF | Command Description |
|---|---|---|
| show vrf | show ip vrf | Displays a list of all configured VRF instances |
| show vrf <name> | show ip vrf <name> | Displays a specific VRF instance |
| show vrf <name> detail | show ip vrf detail <name> | Displays details for a specific VRF instance |
| show vrf <name> interface | - | Displays the interface assignment for a specific VRF instance |
| show vrf default | - | Displays a summary of the default VRF instance |
| show vrf detail | show ip vrf detail | Displays details for all VRF instances |
| show vrf interface | show ip vrf interface | Displays VRF interface assignments |
| show vrf management | - | Displays a summary of the management VRF instance |
| - | - | - |
| show ip route vrf all | - | Displays routes for all VRF instances |
| show ip route vrf default | - | Displays routes for the default VRF instance |
| show ip route vrf management | - | Displays routes for the management VRF instance |
| show ip route vrf <name> | show ip route vrf <name> | Displays routes for a specific VRF instance |
| - | - | - |
| show ip arp vrf <name> | show ip arp vrf <name> | Displays Address Resolution Protocol (ARP) entries for a specific VRF instance |
| - | - | - |
| show ip bgp vrf <name> | show ip bgp vpnv4 vrf <name> | Displays BGP commands for a specific VRF instance |
| show ip eigrp vrf <name> | show ip eigrp vrf <name> | Displays EIGRP information for specific VRF instance |
| show ip isis vrf <name> | show isis <#> | Displays ISIS commands for a specific VRF instance |
| show ip ospf vrf <name> | show ip ospf <#> | Displays OSPF information for a specific VRF instance |
| show ip rip vrf <name> | show ip rip database vrf <name> | Displays RIP information for a specific VRF instance |
| show ip static-route vrf <name> | - | Displays static routes for a specific VRF instance |
| - | - | - |
| show forwarding vrf <name> | show ip cef vrf <name> | Displays FIB information for a specific VRF (multiple sub-options) |
| - | - | - |
| show routing vrf | - | Displays a subset of the show vrf commands |
| show routing-context | - | Displays the current routing context |
