This configuration is done only on router (RXC).
The objective is to segregate the traffic between two vlans, for vlan 10 the traffic will go towards Production internet and vlan 20 will go towards Guest internet.
Virtual routing and forwarding (VRF) is very similar to vlan, except VRF is for layer 3. The two traffics are isolated to each other. This method can be another alternative for PBR, using PBR is also possible to achieve the objective.
This first example has not been validated by real lab yet, I got the configuration while I was pondering on a train while on my way to work. I have shown this diagram to my friend – Andrey, who has validated that this should work fine. Thanks Andrey for pointing out VRF as another viable solution.
Since this VRF configuration does not collaborate with Multiprotocol BGP it is known as VRF-lite. Usually VRF and mBGP work together to form MPLS VPN service. MPLS VPN is not the usual VPN we think of i.e. VPN with encryption, this MPLS VPN has no encryption involved, but the path of each VRF is standalone and does not cross to one another, in other words, between VRF there’s no communication just like VLANs hence they are virtually private networks.
You can download and keep the diagram if you find it useful, but kindly do not discredit me by deleting my name, thanks.
cyruslab 