9 Replies Latest reply on Feb 21, 2017 7:12 AM by tedllewellyn

    How do you program 908e NTP to use a VRF interface

    bdaneu New Member

      My Internet is on a VRF interface and the non VRF interface can't go out to the internet it only goes to the ISPs SIP server so how would I program the NTP to go out the VRF Frame relay interface that has internet.

        • Re: How do you program 908e NTP to use a VRF interface
          michael56 New Member

          You would have to build the DLCI and VRF inside your CPE device in order to communicate with the internet VRF. You'll need to compliment the internet VRF's configuration. You'll basically want something along these lines but would need to 'replace all' within the <.........> with the appropriate variables. Depending on your AOS some of the command syntax may/may not be accepted, but this configlet was constructed from a once working adtran device (probably a 4430 or 3430 router). The 908 should accept much of the commands, however you'll need to compensate for interfaces, variables and syntax changes. Here's what I can offer in the way of assistance:

           

          !
          ip vrf <CUG_#ONE>
          rd <AS_NUMBER>:10
          route-target export <AS_NUMBER>:10
          route-target import <AS_NUMBER>:10
          !
          ip vrf <CUG_#TWO>
          rd <AS_NUMBER>:11
          route-target export <AS_NUMBER>:11
          route-target import <AS_NUMBER>:11
          !
          interface GigabitEthernet0/0
          description LAN Block /29
          ip vrf forwarding <CUG_#ONE>
          ip address <PUBLIC_LAN_BLOCK_IP_with_MASK>
          no ip directed-broadcast
          service-policy input <policy_name>
          no ip redirects
          no ip proxy-arp
          cdp enable
          no ip mroute-cache
          duplex auto
          speed auto
          no shutdown
          media-type rj45
          negotiation auto
          no mop enabled
          !
          interface GigabitEthernet0/1
          description LAN Block /25
          ip vrf forwarding <CUG_#ONE>
          ip address <PRIVATE_LAN_BLOCK_with_MASK>
          no ip directed-broadcast
          service-policy input <policy_name>
          no ip redirects
          no ip proxy-arp
          cdp enable
          no ip mroute-cache
          no shutdown
          duplex auto
          speed auto
          no mop enabled
          !
          interface GigabitEthernet0/2
          description VRF INTERFACE
          ip vrf forwarding <CUG_#TWO>
          ip address <OTHER_LAN_BLOCK_IP_with_MASK>
          no ip directed-broadcast
          service-policy input <policy_name>
          no ip redirects
          no ip proxy-arp
          cdp enable
          no ip mroute-cache
          no shutdown
          duplex auto
          speed auto
          no mop enabled
          !


          !
          interface Serial0/0/0.#1 point-to-point
          description PVC to CUG <CUG_#ONE>
          ip vrf forwarding <CUG_#ONE>
          no shutdown
          ip address <DLCI_#ONE_LAN_IP_with_MASK>
          max-reserved-bandwidth 100
          service-policy output CUSTOM-QOS
          frame-relay interface-dlci #1
          !
          interface Serial0/0/0.#2 point-to-point
          description PVC to CUG <CUG_#TWO>
          ip vrf forwarding <CUG_#ONE>
          no shutdown
          ip address <DLCI_#TWO_LAN_IP_with_MASK>
          max-reserved-bandwidth 100
          service-policy output CUSTOM-QOS
          frame-relay interface-dlci #2
          !


          !
          router bgp <AS_NUMBER>
          bgp router-id <CPE_WAN_IP_ONLY>
          bgp log-neighbor-changes
          bgp asnotation dot
          no bgp default ipv4-unicast
          neighbor <PUBLIC_LAN_IP_NEIGHBOR> remote-as <CUG_#2_REMOTE_AS#>
          !
          address-family ipv4 vrf <CUG_#ONE>
            redistribute connected route-map con-bgp
            redistribute static
            neighbor <CUG_#1_PE_IP> remote-as <CUG_#1_REMOTE_AS#>
            neighbor <CUG_#1_PE_IP> activate
            neighbor <CUG_#1_PE_IP> send-community
            neighbor <CUG_#1_PE_IP> soft-reconfiguration inbound
            neighbor <CUG_#1_PE_IP> prefix-list E2E in
            neighbor <PUBLIC_LAN_IP_NEIGHBOR> remote-as <CUG_#2_REMOTE_AS#>
            neighbor <PUBLIC_LAN_IP_NEIGHBOR> activate
            neighbor <PUBLIC_LAN_IP_NEIGHBOR> send-community
            neighbor <PUBLIC_LAN_IP_NEIGHBOR> soft-reconfiguration inbound
            no auto-summary
            no synchronization
          exit-address-family
          address-family ipv4 vrf <CUG_#TWO>
            redistribute connected route-map con-bgp
            redistribute static
            neighbor <CUG_#2_PE_IP> remote-as <CUG_#1_REMOTE_AS#>
            neighbor <CUG_#2_PE_IP> activate
            neighbor <CUG_#2_PE_IP> send-community
            neighbor <CUG_#2_PE_IP> soft-reconfiguration inbound
            neighbor <CUG_#2_PE_IP> prefix-list E2E in
            no auto-summary
            no synchronization
          exit-address-family

          • Re: How do you program 908e NTP to use a VRF interface
            tedllewellyn New Member

            I am also not able to get the NTP client to use an interface in a non-default VRF, which is a pain. If this is really not possible can we please get this on the list of feature upgrades so it can get fixed?

            • Re: How do you program 908e NTP to use a VRF interface
              jordanjms Employee

              bdaneu and tedllewellyn you should be able to tell the NTP client to use a non-default VRF using the following command:

               

              ntp server vrf <name> <hostname | ipv4 address>

               

              You can also set the source interface for a non-default VRF using this command:

               

              ntp vrf <name> source <interface>

              • Re: How do you program 908e NTP to use a VRF interface
                tedllewellyn New Member

                You are right. NTP server will use a non-default VRF interface. SNTP not so much. Not really sure why they offer both.