virtual router/ virtaul switch

  • 0
  • 1
  • Question
  • Updated 4 years ago
  • Answered
Hi,

I are trying to understand from a layer two point of view does each virtual router have its own FDB database, taken in that we will not share any physical ports between the virtual routes.

In my case there will be three virtual routers, thus a requirement for three FDB database.

We are looking at this as more of a virtaul switch than a virtual router.

Thanks
Ian
Photo of Ian Worms

Ian Worms

  • 422 Points 250 badge 2x thumb

Posted 4 years ago

  • 0
  • 1
Photo of Stephane Grosjean

Stephane Grosjean

  • 762 Points 500 badge 2x thumb
Hi,
As you cannot share a VLAN between multiple VR, you have FDB isolation. But it's rather on a VLAN base.
Photo of Ian Worms

Ian Worms

  • 422 Points 250 badge 2x thumb
Hi,

Yes I agree with you on this, but if i have two VR for example --- port 1 in VR-TWO and port 2 in VR-THREE. Port 1 has a vlan tag 10 and port 2 has a vlan 20.

When I do a show FDB in VR-DEFAULT I see MAC address for both VR-TWO and VR-THREE, also when I go into VR-TWO and show fdb I see all MAC.

VR-DEFAULT
X460-48t.25 # show fdb
Mac                     Vlan       Age  Flags         Port / Virtual Port List
------------------------------------------------------------------------------
00:04:96:6d:00:45    vlan-20(0020) 0032 d m           2
a8:20:66:1b:c1:2e    vlan-10(0010) 0055 d m           1

VR-TWO
(vr TWO) X460-48t.27 # show fdb
Mac                     Vlan       Age  Flags         Port / Virtual Port List
------------------------------------------------------------------------------
00:04:96:6d:00:45    vlan-20(0020) 0047 d m           2
a8:20:66:1b:c1:2e    vlan-10(0010) 0010 d m           1

What I understood I would not see it like this, but maybe I misunderstood this.

Thanks
Ian
Photo of Stephane Grosjean

Stephane Grosjean

  • 762 Points 500 badge 2x thumb
Hi,

Yes.
You have a FDB per VLAN, not per VR.
Your learning domain is the VLAN. And because you can't have a same VLAN on different VR, no leaking/flooding is possible.
Photo of Kawawa

Kawawa, GTAC

  • 3,292 Points 3k badge 2x thumb
The show fdb command is a global command.  When you type it without a context, it shows all your current FDB entries regardless of which ports or VLANs they are specific to.  MAC address tables in XOS are specific to VLANS and not VRs.  So if you create a VLAN-1 and assign port 1,2 and 3 to it, any MAC addresses learnt on those ports belong to the VLAN-1 FDB as opposed to the VR.  You are therefore able to type show fdb vlan <name> that shows all MACs particular to the specified VLAN.  You can also specify port, VPLS, etc BUT, you cannot specify VR