Cisco IOS Easy Virtual Network Command Reference

debug condition vrf

To limit debug output to a specific virtual routing and forwarding (VRF) instance, use the debug condition vrf command in privileged EXEC mode. To remove the debug condition, use the undebug version of the command .

debug condition vrf vrf-name

undebug condition vrf vrf-name

Syntax Description


`vrf-name`	Name assigned to a VRF.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Use this command to limit debug output to a single VRF.

Note

Enhanced Interior Gateway Routing Protocol (EIGRP) does not support the debug condition vrf command.

Examples

The following example shows how to limit debugging output to VRF red:


Router# debug condition vrf red

Related Commands


Command	Description
vrf definition	Configures a VRF routing table instance.

debug vrf

To get debugging information on virtual routing and forwarding (VRF) instances, use the debug vrf command in privileged EXEC mode. To turn off the debug output, use the undebug version of the command.

debug vrf {create | delete | error | ha | initialization | interface | ipv4 | ipv6 | issu | lock | lookup | mpls | selection}

undebug vrf {create | delete | error | ha | initialization | interface | ipv4 | ipv6 | issu | lock | lookup | mpls | selection}

Syntax Description


create	Specifies VRF creation debugging.
delete	Specifies VRF deletion debugging.
error	Specifies VRF error debugging.
ha	Specifies VRF high-availability debugging.
initialization	Specifies VRF subsystem initialization debugging.
interface	Specifies VRF interface assignment debugging.
ipv4	Specifies VRF IPv4 address-family debugging.
ipv6	Specifies VRF IPv6 address-family debugging.
issu	Specifies VRF in-service, software- upgrade debugging.
lock	Specifies VRF lock debugging.
lookup	Specifies VRF database-lookup debugging.
mpls	Specifies VRF Multiprotocol Label Switching (MPLS) debugging.
selection	Specifies VRF selection debugging.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Use this command to get debugging information on VRFs.

Examples

The following example shows how to turn on debugging of VRF interface assignment:


Router# debug vrf interface

Related Commands


Command	Description
vrf definition	Defines a virtual routing and forwarding instance.

description (VRF definition)

To assign a helpful description to a virtual routing and forwarding (VRF) instance, use the description command in VRF definition configuration mode. To remove the description, use the no form of this command.

description string

no description

Syntax Description


`string`	Description of a VRF (up to 244 characters).

Command Default

This command has no default arguments or keywords.

Command Modes

VRF definition configuration mode (config-vrf)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Use the description command in VRF definition configuration mode to specify a helpful string of text to aid network administrators reading configuration files.

Examples

The following example describes VRF red as a VRF for carrying Company-A traffic using the description command in VRF definition configuration mode:


Router(config)# vrf definition red
Router(config-vrf)# description Company-A

Related Commands


Command	Description
vrf definition	Defines a virtual routing and forwarding instance.

exit-if-vnet

To exit virtual network interface mode, use the exit-if-vnet command in virtual network interface mode.

exit-if-vnet

Syntax Description

This command has no arguments or keywords.

Command Modes

Virtual network interface (config-if-vnet)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

This command is not saved in a configuration and therefore does not appear in show running-config output.

The exit-if-vnet command is one of the commands that will be displayed in system help if you enter a ? at the Router (config-if-vnet)# prompt. However, the exit command performs the same function as the exit-if-vnet command and is a shorter command to enter.

Examples

The following example shows how to exit virtual network interface mode using the exit-if-vnet command:


Router(config)# vrf definition red
Router(config-vrf)# vnet tag 100
R1(config-vrf)# description guest access
R1(config-vrf)# address-family ipv4
R1(config-vrf-af)# exit-address-family
R1(config-vrf)# vrf definition blue
R1(config-vrf)# vnet tag 200
R1(config-vrf)# description Finance
R1(config-vrf)# address-family ipv4
R1(config-vrf-af)# exit-address-family
R1(config-vrf)# interface fastethernet 1/1/1
R1(config-if)# ip address 10.1.1.1 255.255.255.0
R1(config-if)# vnet trunk
R1(config-if)# vnet name blue
R1(config-if-vnet)# exit-if-vnet
R1(config-if)#

Related Commands


Command	Description
exit	Exits any configuration mode to the next highest mode in the CLI-mode hierarchy.
vnet	Configures overrides of an interface’s attributes on a per-VRF basis and enters virtual network interface mode.

exit-vrf-list

To exit VRF list submode, use the exit-vrf-list command in VRF list submode.

exit-vrf-list

Syntax Description

This command has no arguments or keywords.

Command Modes

VRF list configuration mode (config-vrf-list)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

This command is not saved in a configuration and therefore does not appear in show running-config output.

The exit-vrf-list command is one of the commands that will be displayed in system help if you enter a ? at the Router (config-vrf-list)# prompt. However, the exit command performs the same function as the exit-vrf-list command and is a shorter command to enter.

Examples

The following example shows how to exit VRF list mode using the exit-vrf-list commands:


Router(config)# vrf list external
Router(config-vrf-list)# member blue
Router(config-vrf-list)# exit-vrf-list
Router(config)#

Related Commands


Command	Description
exit	Exits any configuration mode to the next highest mode in the CLI-mode hierarchy.
vrf list	Defines a list of VRFs.

ip ospf vnet area

To create an association between the virtual network subinterfaces in a virtual network trunk interface and the default Open Shortest Path First (OSPF) instance for each virtual network, use the ip ospf vnet area command in interface configuration mode. To remove the association, use the no form of this command.

ip ospf vnet area area-id

no ip ospf vnet area area-id

Syntax Description


`area-id`	OSPF area ID as a decimal value or in IP address format.

Command Default

The default OSPF instance for a virtual network is the OSPF instance in the virtual network that has the lowest OSPF process ID.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

The ip ospf vnet area command is allowed only on virtual network trunk interfaces. Removing the vnet trunk command will cause the ip ospf vnet area command to be removed also.

Use this command to associate all of the virtual networks on the trunk interface with the default OSPF instance.

The default OSPF instance for a virtual network is the OSPF instance in the virtual network that has the lowest OSPF process ID. Therefore, adding or removing of OSPF instances can cause a subinterface using the ip ospf vnet area command to move from one instance to another.

Note

This command does not create a new OSPF instance. OSPF instances must be created explicitly in OSPF router submode. This behavior provides a way of omitting OSPF in selected virtual networks.

Examples

The following example shows how to associate all of the virtual networks on a trunk interface with a default OSPF instance:


Router(config)# interface gigabitethernet 0/0/0
Router(config-if)# ip address 10.0.0.1 255.255.255.0
Router(config-if)# vnet trunk
Router(config-if)# ip ospf vnet area 0

Related Commands


Command	Description
vnet trunk	Configures an interface to be a virtual network trunk interface.

member (VRF list)

To make a VRF a member of a VRF list, use the member command in VRF list configuration mode. To remove the membership, use the no form of this command.

member vrf-name

no member vrf-name

Syntax Description


`vrf-name`	Name of a VRF that belongs to the VRF list.

Command Default

There are no VRF members in a VRF list.

Command Modes

VRF list configuration (config-vrf-list)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Use this command to designate that a VRF is a member of a VRF list. A VRF list can be used to specify which VRFs are enabled over a trunk interface. The list can be referenced in the vnet trunk command to apply the trunk features to all of the VRFs on the list at once.

A VRF must be defined before it can be specified as a member of a VRF list. Up to 32 VRFs can be added to a VRF list.

Examples

The following example defines a VRF list named Company-A using the member command in VRF list configuration mode. Members on the list are VRF red and VRF green.


Router(config)# vrf definition red
Router(config-vrf)# vnet tag 100
Router(config-vrf)# vrf definition green
Router(config-vrf)# vnet tag 200
Router(config-vrf)# exit
Router(config)# vrf list Company-A
Router(config-vrf-list)# member red
Router(config-vrf-list)# member green

Related Commands


Command	Description
vnet trunk	Configures an interface to be a trunk interface.
vrf definition	Defines a virtual routing and forwarding instance.
vrf list	Defines a list of VRFs.

redistribute vrf

To redistribute routes that are replicated from one VRF into another VRF, use the redistribute vrf command in router configuration mode. To stop such redistribution, use the no form of this command.

redistribute vrf vrf-name route-map map-tag

no redistribute vrf vrf-name route-map map-tag

Syntax Description


`vrf-name`	Specifies the name of the VRF from which routes are replicated.
route-map `map-tag`	Specifies the name of a route map that filters out routes that should not be redistributed back to the original protocol.

Command Default

No routes are redistributed.

Command Modes

Router configuration (config-rtr)#

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Use this command when you have multiple VRFs that need to access a shared service, such as a database server or application server. The clients and servers are located in different VRFs. To achieve connectivity between clients and servers, routes must be exchanged among VRFs. Routes are replicated from one VRF to another VRF, then the routes are propagated across each VRF through redistribution into the Interior Gateway Protocol (IGP).

We recommend implementing the route replication on the router directly connected to the server subnet. This eliminates the need to redistribute the host prefixes on the server’s VRF and thereby avoids a potential routing loop.

Examples

The following example redisributes routes that were replicated from VRF blue into VRF red:


Router(config)# vrf definition red
Router(config-vrf)# vnet tag 101
Router(config-vrf)# address-family ipv4
Router(config-vrf)# route-replicate from vrf blue all route-map server-prefix-map
Router(config-vrf)# exit
Router(config)# ! Server prefix is carried in red and blue’s IGP to provide reachability 
Router(config)# ! to the server.
Router(config)# router ospf 1 vrf red
Router(config-rtr)# ! Redistribute routes that were replicated from vrf blue into red.
Router(config-rtr)# redistribute vrf blue route-map server-prefix-map

Related Commands


Command	Description
route-map	Defines the conditions for redistributing routes from one routing protocol into another.
route-replicate	Replicates routes from another topology and another VRF.

route-replicate (VRF address family)

To replicate routes from another topology and Virtual Routing and Forwarding (VRF), use the route-replicate command in VRF address family configuration mode. To stop replicating routes, use the no form of this command.

route-replicate from vrf source-vrf-name {multicast | unicast} protocol [route-map map-tag]

no route-replicate from vrf source-vrf-name {multicast | unicast} protocol [route-map map-tag]

Syntax Description


from	Specifies the topology where route replication is enabled.
vrf `source-vrf-name`	Specifies the name of the VRF from which routes are replicated.
multicast	Specifies a multicast subsequent address family Identifier(SAFI).
unicast	Specifies a unicast SAFI.
`protocol`	Type of protocol of the source route. Note that some keywords require an argument. Valid keywords and arguments are: all —Specifies all routes are replicated, including the NHRP routes (H Routes). bgp `autonomous-system-number` —Border Gateway Protocol (BGP). connected —Connected routes. eigrp `autonomous-system-number` —Enhanced Interior Gateway Routing Protocol (EIGRP). isis `area-tag` —SO Intermediate System-to-Intermediate System (IS-IS). mobile —Mobile routes. odr —On-demand stub routes. ospf `process-id` —Open Shortest Path First (OSPF). rip —Routing Information Protocol (RIP). static —Static routes.
route-map `map-tag`	(Optional) Specifies the name of a route map that filters out routes that should not be replicated.

Command Default

No routes are replicated.

Command Modes

VRF address family configuration (config-vrf-af)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Route replication creates a link to a route in a routing information base (RIB) that is in a different VRF.

Examples

The following example redistributes routes that were replicated from VRF blue into red:


Router(config)# vrf definition red
Router(config-vrf)# vnet tag 101
Router(config-vrf)# address-family ipv4
Router(config-vrf-af)# route-replicate from vrf blue all route-map server-prefix-map
Router(config-vrf-af)# exit-address-family
Router(config)# ! Server prefix is carried in red and blue’s IGP to provide reachability 
Router(config)# ! to the server.
Router(config)# router ospf 1 vrf red
Router(config-rtr)# ! Redistribute routes that were replicated from vrf blue into red.
Router(config-rtr)# redistribute vrf blue route-map server-prefix-map

Related Commands


Command	Description
route-map	Defines the conditions for redistributing routes from one routing protocol to another.
show ip route	Displays the current state of the routing table.

routing-context

To specify that subsequent EXEC commands will apply to a specific virtual routing and forwarding (VRF) instance, use the routing-context command in privileged EXEC mode.

routing-context vrf vrf-name

Syntax Description


vrf `vrf-name`	Specifies the name of the VRF on which subsequent EXEC commands will be based. The vrf global keyword-argument pair indicates global vnet.

Command Default

There is no routing context for a specific VRF on which to base EXEC commands.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Use this command to set a VRF context before entering several privileged EXEC commands that you want to apply to the same VRF. This command saves you from repeatedly entering a VRF name in several EXEC commands that apply to a single VRF.

When in a routing context, the system prompt changes to indicate the routing context being used.

Commands that can be used in a routing context are ping , show ip route , telnet , and traceroute .

Use the routing-context vrf global command to exit the routing context.

Examples

The following example of the routing-context command causes subsequent EXEC commands to apply to VRF red:


Router# routing-context vrf red
Router%red# ping 10.2.2.3
Protocol [ip]:
Sending 5, 100-byte ICMP Echos to 10.2.2.3, timeout is 2 seconds:
!!!!
Success rate is 100 percent, round-trip min/avg/max = 1/2/4 ms
Router%red# show ip route
Routing Table: red
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override
Gateway of last resort is not set
      10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        10.1.3.0/24 is directly connected, GigabitEthernet0/0/0.100
L        10.1.3.1/32 is directly connected, GigabitEthernet0/0/0.100
Router%red#

Related Commands


Command	Description
vrf definition	Configures a virtual routing and forwarding instance.

show running-config vnet

To display the running configuration of virtual networks configured on a router, use the show running-config vnet command in privileged EXEC mode.

show running-config vnet [vrf-name]

Syntax Description


`vrf-name`	(Optional) Name of a virtual network for which to display the running configuration.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Use this command to display the running configuration for one or all virtual networks configured on a router. The show running-config vnet command displays the same output as the show running-config vrf command, but displays only the virtual networks in the running configuration, not virtual routing and forwarding (VRF) instances.

Examples

The following sample output from the show running-config vnet command displays the running configurations for the virtual networks configured on the router.


Router# show running-config vnet
Building configuration...
Current configuration : 507 bytes
vrf definition blue
 vnet tag 200
 !
 address-family ipv4
 exit-address-family
!
!
interface GigabitEthernet1/1/0
 vnet trunk
 ip address 10.1.1.1 255.255.255.0
 vnet name red
 !
!
!
vrf definition red
 vnet tag 100
 !
 address-family ipv4
 exit-address-family
!
!         
interface GigabitEthernet1/1/0
 vnet trunk
 ip address 10.1.1.1 255.255.255.0
 vnet name red
 !
!
router eigrp rtp
!
address-family ipv4 unicast vrf red autonomous-system 1
  !
  topology base
  exit-af-topology
  network 10.0.0.0
 exit-address-family
!
!
end

Related Commands


Command	Description
vrf definition	Configures a VRF routing table instance.
show running-config vrf	Displays the subset of the running configuration of a router that is linked to a specific VPN VRF instance or to all VRFs configured on the route

show vnet

To display information about virtual networks, use the show vnet command in privileged EXEC mode.

show vnet [ipv4 | ipv6] [interface | brief | detail | lock] [vrf-name]

Syntax Description


ipv4	(Optional) Displays IPv4 information.
ipv6	(Optional) Displays IPv6 information when IPv6 is implemented in VRF NG.
interface	(Optional) Displays information about interfaces that have virtual networks configured.
brief	(Optional) Displays the name, tag, protocol, and interface for each virtual network.
detail	(Optional) Displays detailed information about virtual networks.
lock	(Optional) Displays VRF lock information.
`vrf-name`	(Optional) Name of a VRF.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Because a virtual network is a VRF, the show vnet command displays a subset of what the show vrf command displays; it displays only information about virtual networks.

Examples

The following sample output from the show vnet command displays information about the interfaces that have virtual networks configured. The output is self-explanatory.


Router# show vnet interface
Interface    State VNET                             Tag   IP-Address
G1/1.100    Up    red                              100   10.1.1.1
G1/1.200    Up    blue                             200   10.1.1.1

Related Commands


Command	Description
show vrf	Displays information about VRFs.

show vnet counters

To display virtual network statistics, use the show vnet counters command in privileged EXEC mode.

show vnet counters

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Use this command to see virtual network statistics, such as the number of trunk interfaces configured on a router.

Examples

The following is sample output from the show vnet counters command. The output is self-explanatory.


Router# show vnet counters
Maximum number of VNETs supported: 32
Current number of VNETs configured: 8
Current number of VNET trunk interfaces: 1
Current number of VNET subinterfaces: 0
Current number of VNET forwarding interfaces: 0

Related Commands


Command	Description
vnet	Configures overrides of an interface’s attributes on a per-VRF basis and enters virtual network interface mode.

show vnet tag

To display where virtual network tags have been used or configured, use the show vnet tag command in privileged EXEC mode.

show vnet tag

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Examples

The following sample output from the show vnet tag command displays the virtual network tags in use on all of the interfaces on the router.


Router# show vnet tag
Tag   VNET(s)                          Interfaces 
100   red                              G1/1.100 
200   blue                             G1/1.200

The following table describes the significant fields shown in the display.

Table 1. show vnet tag Field Descriptions
Field	Description
Tag	Virtual network tag.
VNET(s)	Name of the virtual network using the tag.
Interface(s)	Interface on which the virtual network tag is configured or used. The tag number is appended to the interface number.

Related Commands


Command	Description
vnet tag	Assigns a tag to a virtual network.
vrf forwarding	Creates an edge interface for a virtual network.

show vrf counters

To display VRF statistics, use the show vrf counters command in privileged EXEC mode.

show vrf counters

Syntax Description

This command has no keywords or arguments.

Command Default

This command has no default arguments.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Use this command to see VRF statistics, such as the number of VRFs configured on a router.

Examples

The following example displays sample output for the show vrf counters command.


Router# show vrf counters
Maximum number of VRFs supported: 10000
Maximum number of IPv4 VRFs supported: 10000
Maximum number of IPv6 VRFs supported: 10000
Current number of VRFs: 1
Current number of IPv4 VRFs: 0
Current number of IPv6 VRFs: 0

Related Commands


Command	Description
vrf definition	Configures a VRF instance.

show vrf list

To display information about a VRF list, use the show vrf list command in privileged EXEC mode.

show vrf list [vrf-list-name]

Syntax Description


`vrf-list-name`	(Optional) Name of a VRF list to restrict the output.

Command Default

This command has no default arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Use this command to see the VRF lists on a router and which VRFs are on each list.

Examples

The following is sample output from the show vrf list command.


Router# show vrf list
List Name: CustomerA
  Description: CustomerA’s site
  VRF Member Name(s):
    Red
    Blue
    Green
List Name: CustomerB
  Description: CustomerB
  VRF Member Name(s):
    Orange
    Purple

The output is self-explanatory.

Related Commands


Command	Description
vrf list	Defines a list of VRFs.

snmp context

To create a Simple Network Management Protocol (SNMP) context for Multitopology Routing (MTR) for virtual networking, use the snmp context command in the appropriate command mode. To delete an SNMP context, use the no form of this command.

For SNMPv1 or v2c

snmp context context-name [community community-name [ro | rw]]

For SNMPv3

snmp context context-name [user username [credential | [encrypted] [auth {md5 password | sha password}] [access {access-list-number | access-list-name | ipv6 access-list-name}]]]

no snmp context context-name

Syntax Description


`context-name`	Name of the SNMP context being created.
community `community-name`	(Optional) In SNMPv2c, specifies an SNMP community string.
ro	(Optional) In SNMPv2c, specifies read-only access.
rw	(Optional) In SNMPv2c, specifies read/write access.
user `username`	(Optional) In SNMPv3, specifies an SNMP user.
credential	(Optional) In SNMPv3, specifies if a user password is already configured and saved.
encrypted	(Optional) In SNMPv3, specifies that passwords are Message Digest5 (MD5) or Secure Hash Algorithm (SHA) digests.
auth	(Optional) In SNMPv3, specifies authentication parameters for a user.
md5 `password`	(Optional) In SNMPv3, uses an Hash-based Message Authentication Code (HMAC) MD5 algorithm for authentication.
sha `password`	(Optional) In SNMPv3, uses an HMAC SHA algorithm for authentication.
access	(Optional) In SNMPv3, specifies an access list associated with a group.
`access-list-number`	(Optional) In SNMPv3, a standard access list number in the range of 1 to 99.
`access-list-name`	(Optional) In SNMPv3, an access list name.
ipv6 `access-list-name`	(Optional) In SNMPv3, specifies an IPv6 access list name.

Command Default

No SNMP contexts are configured.

Command Modes

Address family configuration (config-router-af)

Router address family topology configuration (config-router-af-topology)

Router configuration (config-router)

VRF address family configuration (config-vrf-af)

VRF configuration (config-vrf)

Command History


Release	Modification
12.2(33)SRB	This command was introduced.
Cisco IOS XE Release 3.1S	This command integrated into Cisco IOS XE Release 3.1S.
Cisco IOS XE Release 3.2S	This command was modified. All of the keywords were added, and all of the arguments except for `context-name` were added.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

When you use the no snmp context command, all SNMP instances in that context are deleted.

Examples

The following example shows how to create an SNMP context to be associated with VPN companyA:


Device(config)# ip vrf companyA
Device(config-vrf)# snmp context contextA

The following example shows how to create an SNMP context in VRF address family configuration mode to be associated with VPN companyA:


Device(config)# vrf definition companyA
Device(config-vrf)# address-family ipv4
Device(config-vrf-af)# snmp context contextA

Related Commands


Command	Description
address-family (VRF)	Selects an address family type for a VRF table and enters VRF address family configuration mode.
ip vrf	Configures a VRF routing table.
show snmp context mapping	Displays information about SNMP context mappings for MTR.
vrf definition	Configures a VRF routing table instance and enters VRF configuration mode.

vnet

To override interface configurations on a per-virtual routing and forwarding (VRF) basis, use the vnet command in the appropriate configuration mode. To remove VRF-specific configurations, use the no form of this command.

vnet {global | name vrf-name}

no vnet {global | name vrf-name}

Syntax Description

global

Allows the parent interface and subinterfaces to have different configurations. This is helpful when you have untagged packets arriving on the parent interface; vnet global configurations are applied to such packets.

Note

Every router has a predefined virtual Network (vNET) known as “vNET global,” which refers to the global routing context, corresponds to the default Routing Information Base (RIB), is the default routing table, and carries untagged traffic. By default, interfaces belong to vNET global.

name vrf-name

Specifies a VRF that is included in the list of VRFs assigned to the interface by the vnet trunk command.

Command Default

Only vNET global exists.

Command Modes

Interface configuration (config-if)

Virtual network interface configuration (config-if-vnet)

Address family interface configuration (config-router-af-interface)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
Cisco IOS XE Release 3.5S	This command was modified. The command was made available in address family interface configuration mode in EIGRP-named mode configurations.
15.2(1)S	This command was integrated into Cisco IOS Release 15.2(1)S. and modified. The command was made available in address family interface configuration mode in EIGRP-named mode configurations.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 15.1(1)SG.
15.3(2)T	This command was integrated into Cisco IOS Release 15.3(2)T.

Usage Guidelines

This command can be used in interface configuration mode to configure vNET commands on the interface only if the interface is configured as a trunk interface. Any commands entered after the vnet command will be disabled on any interface that does not have the vnet trunk command configured.

VRF subinterfaces inherit certain configurations from the parent interface. An example is the ip ospf cost command.

Use the vnet command if you want to configure a VRF-specific command that is different from a command configured on the parent interface. Use this command to enter virtual network interface mode and then configure commands that will apply to a specified VRF.

Examples

The following example using the vnet command shows how to define a VRF instance named vrf1 on Gigabit Ethernet interface 1/1/1. The system then enters virtual network interface mode and the user configures the Open Shortest Path First (OSPF) value to 30 that overrides the value inherited by the VRFs on the trunk interface, which had an OSPF cost of 20.


Router(config)# interface gigabitethernet 1/1/1
Router(config-if) vnet trunk
Router(config-if) ip address 10.1.2.1 255.255.255.0
Router(config-if) ! Set OSPF cost for all vNETs on this interface to 20.
Router(config-if) ip ospf cost 20
Router(config-if) vnet name vrf1
Router(config-if) ! Set OSPF cost for vrf1 to 30.
Router(config-if-vnet) ip ospf cost 30
Router(config-if-vnet) exit-if-vnet

The following example using the vnet command shows how to define vrf1 on Gigabit Ethernet interface 1/1/1. The system then enters virtual network interface mode and the user configures the OSPF cost value to 40, which applies to vnet global only.


Router(config)# interface gigabitethernet1/1/1
Router(config-if) vnet trunk
Router(config-if) ip address 10.1.2.1 255.255.255.0
Router(config-if) vnet global
Router(config-if-vnet) ! Set OSPF cost for global to 40.
Router(config-if-vnet) ip ospf cost 40
Router(config-if-vnet) exit-if-vnet

Related Commands


Command	Description
vnet trunk	Configures an interface to be a trunk interface.
ip ospf cost	Specifies the cost of sending a packet on an interface .

vnet tag

To assign a tag to a virtual network, use the vnet tag command in vrf definition submode or interface VRF mode. To remove the tag, use the no form of this command.

vnet tag number

no vnet tag number

Syntax Description


`number`	Numeric tag that will encapsulate the packets in a virtual network. The range for `number` is platform-dependent and can be one of the following: On Cisco Catalyst 6000 family, the range is from 2 to 1000. Beginning with Cisco IOS Release 15.1(1)SY, on the Sup2T platform of Cisco Catalyst 6000 product lines, if the vlan internal allocation policy descending command is configured, the vnet tag range is from 2 to 3900. On Cisco ASR 1000, the range is from 2 to 4094.

Command Default

This command has no default arguments or keywords.

Command Modes

VRF definition configuration (config-vrf)

Interface VRF configuration (config-if-vnet)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.
15.1(1)SY	This command was modified. The range of the `number` argument is 2 to 3900 on the Sup2T platform of the Cisco Catalyst 6000 product lines if the vlan internal allocation policy descending command is configured.

Usage Guidelines

This command determines that the VRF is actually a virtual network instance.

This command is typically used in VRF definition mode to assign a single tag to a VRF. You must ensure that the same virtual network tag value is configured for the same VRF on each edge and core router (interface).

This command might be used in interface VRF submode on a trunk interface if the user wants to give a VRF a tag on one interface and a different tag on another interface. The primary application for this situation would be for a VRF edge router to peer with an Multiprotocol Label Switching (MPLS) VPN Provider Edge (PE) router and the PE links to the VRF edge are VLANs. The vnet tag command allows the user to configure the virtual network tags to be the same as the VLAN IDs on a per-interface basis.

Examples

The following example illustrates the typical use of a virtual network tag. This example show the vnet tag command in VRF definition mode and assigns tag 100 to VRF red.


Router(config)# vrf definition red
Router(config-vrf) vnet tag 100

The following example is not a typical scenario because one VRF is using two different tags. In this example, the vnet tag command is used in interface VRF submode and VRF blue is assigned tag 100 on Gigabit Ethernet interface 1/1/1 and tag 200 on Gigabit Ethernet interface 1/0/0.


Router(config)# interface gigabitethernet 1/1/1
Router(config-if)# vnet trunk
Router(config-if)# ip address 10.1.2.1 255.255.255.0
Router(config-if)# vnet name blue
Router(config-if)# vnet tag 100
Router(config-if)# exit
Router(config)# interface gigabitethernet 1/0/0
Router(config-if)# vnet trunk
Router(config-if)# ip address 10.1.2.2 255.255.255.0
Router(config-if)# vnet name blue
Router(config-if)# !Use different tag for vNET blue for this interface.
Router(config-if)# vnet tag 200

Related Commands


Command	Description
vlan internal allocation policy descending	Configures the allocation direction of the internal VLAN.
vrf definition	Defines a VRF instance.

vnet trunk

To configure an interface to be a virtual network trunk interface, use the vnet trunk command in interface configuration mode. To remove the virtual network trunk from the interface, use the no form of this command.

vnet trunk [list vrf-list-name]

no vnet trunk

Syntax Description


list `vrf-list-name`	(Optional) Allows the trunk to carry multiple VRFs and the name of a VRF list.

Command Default

This command has no default arguments or keywords.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

A trunk interface connects VRF routers together to provide the core to transport traffic for multiple VRFs. Trunk interfaces carry tagged traffic.

Because a trunk interface carries multiple VRFs, sometimes it is not sufficient to display only the trunk interface name in the output of show or debug commands. When it is necessary to indicate that display output pertains to a particular VRF running on a trunk interface, the convention used is interface.vnet-tag, for example, g1/1.101 or g1/1.102 .

Examples

The following example uses the vnet trunk command to define Gigabit Ethernet interface 1/1/1 as a trunk interface.


Router(config)# interface gigabitethernet 1/1/1
Router(config-if)# vnet trunk
Router(config-if)# ip address 10.1.1.1 255.255.255.0

Related Commands


Command	Description
vrf list	Defines a list of VRFs.

vrf definition

To configure a virtual routing and forwarding (VRF) routing-table instance and enter VRF configuration mode, use the vrf definition command in global configuration mode. To remove a VRF routing table, use the no form of this command.

vrf definition vrf-name

no vrf definition vrf-name

Syntax Description


`vrf-name`	Name assigned to a VRF.

Command Default

No VRFs are defined. No import or export lists are associated with a VRF. No route maps are associated with a VRF.

Command Modes

Global configuration (config)

Command History


Release	Modification
12.2(33)SRB	This command was introduced.
12.2(33)SXH	This command was integrated into Cisco IOS Release 12.2(33)SXH.
12.2(33)SB	This command was integrated into Cisco IOS Release 12.2(33)SB.
12.4(20)T	This command was integrated into Cisco IOS Release 12.4(20)T.
12.2(33)SXI	This command was integrated into Cisco IOS Release 12.2(33)SXI.
Cisco IOS XE Release 3.1S	This command was integrated into Cisco IOS XE Release 3.1S.
Cisco IOS XE Release 3.2S	This command was modified. Its use was expanded to support virtual networks.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.
15.1(2)SNG	This command was implemented on the Cisco ASR 901 Series Aggregation Services Routers.

Usage Guidelines

Use the vrf definition command to give a VRF a name and to enter VRF configuration mode.

In VRF configuration mode, you can configure parameters such as rd or route-target that will be common to all address families. For example, you can configure shared route targets (import and export) that will be used by both IPv4 and IPv6. This feature is useful in a migration scenario, where IPv4 policies already are configured and IPv6 policies should be the same as the IPv4 policies. You can configure separate route-target policies for IPv4 and IPv6 VPNs in address family configuration mode. You enter address family configuration mode from VRF configuration mode.

The vrf definition default command can be used to configure a VRF name that is a NULL value until a default VRF name can be configured. This is typically before any VRF-related Authentication, Authorization, and Accounting (AAA) commands are configured.

By default, each virtual network trunk interface on a router is able to carry traffic for every VRF defined by the vrf definition command. If you want to enable only a subset of VRFs on a trunk interface, use the vrf list command.

Note

We recommend you do not define a virtual network with the name “global,” because the system predefines vnet global and it is best to avoid conflict with the predefined version.

Examples

The following example assigns the name vrf1 to a VRF, enters VRF configuration mode, and configures a route distinguisher, 100:20:


Router(config)# vrf definition vrf1
Router(config-vrf)# rd 100:20

The following virtual network example defines VRF red, enters VRF configuration mode, and assigns virtual network tag 100 to VRF red:


Router(config)# vrf definition red
Router(config-vrf)# vnet tag 100

Related Commands


Command	Description
address-family (VRF)	Enters VRF address family configuration mode to select an address family type for a VRF table.
rd	Specifies a BGP route distinguisher.
route-target	Creates a route-target extended community for a VPN VRF.
vnet	Configures overrides of an interface’s attributes on a per-VRF basis.
vnet tag	Assigns a tag to a virtual network.
vpn id	Sets or updates a VPN ID on a VRF.
vrf forwarding	Associates a VRF instance with an interface or subinterface.
vrf list	Defines a list of VRFs.

vrf forwarding

To associate a virtual routing and forwarding (VRF) instance or a virtual network with an interface or subinterface, use the vrf forwarding command in interface configuration mode. To disassociate a VRF or virtual network from an interface, use the no form of this command.

vrf forwarding vrf-name [downstream vrf-name2]

no vrf forwarding

Syntax Description


`vrf-name`	Interface name to be associated with the specified VRF.
downstream `vrf-name2`	(Optional) Enables half-duplex VRF (HDVRF) functionality on the interface and interface name associated with the specified downstream VRF.

Command Default

The default for an interface is the global routing table.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
12.2(33)SRB	This command was introduced.
12.2(33)SXH	This command was integrated into Cisco IOS Release 12.2(33)SXH.
12.2(33)SB	This command was integrated into Cisco IOS Release 12.2(33)SB. The command was modified and the downstream `vrf-name2` keyword and argument were added to support Multiprotocol Label Switching VPN half-duplex VRFs.
12.4(20)T	This command was integrated into Cisco IOS Release 12.4(20)T.
12.2(33)SXI	This command was integrated into Cisco IOS Release 12.2(33)SXI.
Cisco IOS XE Release 3.1S	This command was integrated into Cisco IOS XE Release 3.1S.
Cisco IOS XE Release 3.2S	This command was modified. Its use was expanded to support virtual networks.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.
15.1(2)SNG	This command was implemented on the Cisco ASR 901 Series Aggregation Services Routers.

Usage Guidelines

Use the vrf forwarding command to associate an interface with a VRF. When the interface is bound to a VRF, previously configured IPv4 and IPv6 addresses are removed, and they must be reconfigured.

The downstream keyword associates the interfaces with a downstream VRF, which enables half-duplex VRF functionality on the interface. Some functions operate in upstream VRFs, and others operate in downstream VRFs. The following functions operate in downstream VRFs:

PPP peer routes are installed in downstream VRFs.
Authentication, authorization, and accounting (AAA) per-user routes are installed in downstream VRFs.
A Reverse Path Forwarding (RPF) check is performed in the downstream VRFs.

In a virtual-network environment, the vrf forwarding command is supported on an edge interface, not on a trunk interface.

VRF forwarding and vnet configurations are mutually exclusive on an interface. In other words, an interface can be a VRF interface or a virtual network trunk interface, but not both.

Examples

The following example shows how to associate a VRF named site1 to serial interface 0/0 and configure an IPv6 and an IPv4 address:


interface Serial0/0
 vrf forwarding site1
 ipv6 address 2001:100:1:1000::72b/64
 ip address 10.11.11.1 255.255.255.0

The following example associates a VRF named U with the virtual-template 1 interface and specifies the downstream VRF named D:


Router(config)# interface virtual-template 1 
Router(config-if)# vrf forwarding U downstream D
Router(config-if)# ip unnumbered Loopback1

The following example shows how to configure an edge interface:


interface gigabitethernet 0/0/0
 vrf forwarding red
 ip address 10.12.12.1 255.255.255.0

Related Commands


Command	Description
vnet	Enters virtual network interface mode.
vrf definition	Configures a VRF routing table instance and enters VRF configuration mode.

vrf list

To define a list of VRFs, use the vrf list command in global configuration mode. To remove the list of VRFs, use the no form of this command.

vrf list vrf-list-name

no vrf list vrf-list-name

Syntax Description


`vrf-list-name`	Name of a list of VRFs. A `vrf-list-name` may contain up to 32 characters. Quotation marks, spaces, and * are not allowed.

Command Default

This command has no default values.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Release 3.2S	This command was introduced.
15.0(1)SY	This command was integrated into Cisco IOS Release 15.0(1)SY.
15.1(1)SG	This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG	This command was integrated into Cisco IOS XE Release 3.3SG.

Usage Guidelines

Use this command to create a list of VRFs and then specify the VRFs that belong on the list. The list can be referenced in the vnet trunk command to specify that the trunk interface carry traffic for only the VRFs on the list.

The VRFs specified for the list must already be defined. A maximum of 32 VRF lists can be configured per router. Use the show vrf list command to see information about a list, such as a description and members.

Examples

The following example uses the vrf list command and defines a list named nonprofits. Members on the list are VRF red and VRF green.


Router(config)# vrf definition red
Router(config-vrf)# vnet tag 100
Router(config-vrf)# description Foundation A
Router(config-vrf)# vrf definition green
Router(config-vrf)# vnet tag 200
Router(config-vrf)# description Foundation B
Router(config-vrf)# exit
Router(config)# vrf list nonprofits
Router(config-vrf-list)# description nonprofits 2010
Router(config-vrf-list)# member red
Router(config-vrf-list)# member green

Related Commands


Command	Description
member	Defines a member of a VRF list.
show vrf list	Displays information about VRF lists.

Bias-Free Language

Results

Chapter: A through Z

A through Z

debug condition vrf

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

debug vrf

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

description (VRF definition)

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

exit-if-vnet

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

exit-vrf-list

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

ip ospf vnet area

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

member (VRF list)

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

redistribute vrf

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

route-replicate (VRF address family)

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

routing-context

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples