BVI, IRB and VRF... what do they all mean/do?

voiper_99
Level 1

Hi, I have done a bit of reading on the three abbreviations above and still cannot quite wrap my head around what they do and what they are used for. If someone could explain to me what each one does and real life examples of when they would be used I would really appreciate it.

Thank you for your time.

7 Replies

Richard Burts
Hall of Fame

Will

The first 2 terms, BVI and IRB, are related. I will start with IRB. IRB stands for Integrated Routing and Bridging. In traditional IOS you could route traffic (like IP, or IPX or some other protocol) or you could bridge traffic (like IP, or IPX or some other protocol) and the decision of whether to route or to bridge the traffic was made globally. So if any interface routed then all interfaces must route and if any interface bridged then all interfaces must bridge. But sometimes people want to route on some interfaces and bridge on other interfaces. So Cisco introduced IRB and the main point of IRB is that the decision whether to route or to bridge is no longer necessarily a global decision but can be made interface by interface so that some interfaces can route while other interfaces bridge the traffic.

If that gives you some understanding of IRB I will now explain BVI. The way that IRB works is that it creates a virtual interface which functions to logically connect the routed interfaces and the bridged interfaces. That is what BVI is (Bridged Virtual Interface). The BVI allows traffic from the bridged environment to enter the routed environment and be routed or allows traffic from the routed environment to enter the bridged environment and to be bridged.

VRF is entirely different. It stands for Virtual Routing and Forwarding. It was originally associated with VPNs in MPLS environments and essentially it is a way to logically have separate IP routing tables within a router. This link may give you some helpful information about it:

http://searchnetworking.techtarget.com/sDefinition/0,290660,sid7_gci1149279,00.html

HTH

Rick

Please forgive my ignorance, I am having trouble understanding this concept. The way in which I understand routing is a device receives a packet, finds the next hop address and sends the packet out of the connected interface. In regards to bridging, that is when I get a little lost. Why is bridging necessary/what does it do?

In regards to VRF, why are separate routing tables required? I thought the only reason why one would want that is if they are running a few different routing protocols with different cost metrics?

Hi,

The VRF concept was introduced for use with the peer-to-peer VPN model (MPLS VPN, although its use was extended by VRF-Lite). The main idea behind VRF is to provide security and address overlapping between VPNs by isolating each VPN's routes in a separate routing table:

A VRF table defines a VPN at a customer site attached to a PE router. A VRF table consists of:

- an IP routing table
- a derived Cisco Express Forwarding (CEF) table
- a set of interfaces that use the forwarding table
- a set of rules and routing protocol variables that determine what goes into the forwarding table

I hope that I've been informative, and please don't hesitate for further questions.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.
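The per-VRF table described in the reply above can be modelled in a few lines. This is an added example, not part of the original post or Cisco code: the `Router` class, VRF names, interface names, prefixes and next-hop labels are all constructed for illustration. It shows two customers using the same 10.1.0.0/16 space without their routes ever mixing.

```python
import ipaddress

class Router:
    """Toy model of per-VRF forwarding: each VRF has its own routing table
    and its own set of member interfaces (all names here are constructed)."""

    def __init__(self):
        self.tables = {}       # VRF name -> list of (network, next_hop)
        self.if_to_vrf = {}    # interface name -> VRF name

    def add_vrf(self, vrf, interfaces):
        self.tables[vrf] = []
        for ifname in interfaces:
            if ifname in self.if_to_vrf:
                raise ValueError(f"{ifname} is already in {self.if_to_vrf[ifname]}")
            self.if_to_vrf[ifname] = vrf

    def add_route(self, vrf, prefix, next_hop):
        self.tables[vrf].append((ipaddress.ip_network(prefix), next_hop))

    def lookup(self, in_interface, dst):
        """Longest-prefix match, restricted to the ingress interface's VRF table."""
        vrf = self.if_to_vrf[in_interface]
        addr = ipaddress.ip_address(dst)
        matches = [(net, nh) for net, nh in self.tables[vrf] if addr in net]
        if not matches:
            return None    # no route in this VRF: never fall through to another VRF
        return max(matches, key=lambda m: m[0].prefixlen)[1]


def build_demo():
    r = Router()
    r.add_vrf("CUST-A", ["Gi0/1"])
    r.add_vrf("CUST-B", ["Gi0/2"])
    # Both customers use the same private prefix (overlapping address space).
    r.add_route("CUST-A", "10.1.0.0/16", "PE-to-A-site2")
    r.add_route("CUST-A", "10.1.5.0/24", "PE-to-A-site3")
    r.add_route("CUST-B", "10.1.0.0/16", "PE-to-B-site2")
    r.add_route("CUST-B", "172.16.0.0/12", "PE-to-B-hq")
    return r


if __name__ == "__main__":
    r = build_demo()
    for ifname, dst in [("Gi0/1", "10.1.5.9"), ("Gi0/2", "10.1.5.9"), ("Gi0/1", "172.16.1.1")]:
        print(ifname, dst, "->", r.lookup(ifname, dst))
```

The same destination address resolves to a different next hop depending on the ingress interface, and a prefix known only to CUST-B is unreachable from CUST-A.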

Thanks Mohammed for the great explanation. Could you shed any more light on the BVI and IRB commands?

Oh and another one I have come across... VPDN.

Sorry for all the questions guys!

Hi,

Your network might require you to bridge local traffic within several segments and have hosts on the bridged segments reach the hosts on routed networks. For example, if you are migrating bridged topologies into routed topologies, you might want to start by connecting some of the bridged segments to the routed networks.

Using the integrated routing and bridging (IRB) feature, you can route a given protocol between routed interfaces and bridge groups, specifically, local or unroutable traffic is bridged among the bridged interfaces in the same bridge group, while routable traffic is routed to other routed interfaces or bridge groups.

Because bridging is in the data link layer and routing is in the network layer, they have different protocol configuration models. With IP, for example, bridge group interfaces belong to the same network and have a collective IP network address. In contrast, each routed interface represents a distinct network and has its own IP network address. Integrated routing and bridging uses the concept of a Bridge Group Virtual Interface (BVI) to enable these interfaces to exchange packets for a given protocol.

A BVI is a virtual interface that acts like a normal routed interface. A BVI does not support bridging but actually represents the corresponding bridge group to routed interfaces. The interface number is the link between the BVI and the bridge group.

As for VPDN (Virtual Private Dialup Network), it is an access method so that async dialup or ISDN clients can dial to the ISP and join their VPN.

I hope that I've been informative, please don't hesitate for any further questions.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

In regards to your comment:

"Your network might require you to bridge local traffic within several segments and have hosts on the bridged segments reach the hosts on routed networks. For example, if you are migrating bridged topologies into routed topologies, you might want to start by connecting some of the bridged segments to the routed networks."

Could you give me a real life example where this may be necessary and the protocols that would be used? I am still trying to get my head around this concept.

"Using the integrated routing and bridging (IRB) feature, you can route a given protocol between routed interfaces and bridge groups, specifically, local or unroutable traffic is bridged among the bridged interfaces in the same bridge group, while routable traffic is routed to other routed interfaces or bridge groups."

What do you mean by "routed interfaces" and "unroutable traffic"?

"A BVI is a virtual interface that acts like a normal routed interface. A BVI does not support bridging but actually represents the corresponding bridge group to routed interfaces. The interface number is the link between the BVI and the bridge group."

OK I think I understand this part. What you are saying is that BVI allows a group of bridged interfaces to become one logical routed interface, is this correct?

"As for VPDN (Virtual Private Dialup Network), it is an access method so that async dialup or ISDN clients can dial to the ISP and join their VPN."

I see. Is this used for DDR?

Thanks for your great responses!

Hi,

As for the first paragraph, you are simply converting your router from routing the IP protocol only to a router + a bridge in the case you need bridging and routing, and the aim of the paragraph is that IRB is most useful when going from a bridging topology to a routed one, as the BVI can be used to route the bridge interfaces' traffic to routed interfaces.

Routed interfaces are the ordinary router interfaces with an IP address configured under them.

Packets of unroutable protocols such as local-area transport (LAT) are always bridged. You cannot disable bridging for the unroutable traffic.

Think of the BVI as the default gateway to all the bridge interfaces, all local traffic is bridged between the bridge interfaces, but the traffic that is not local to the bridge group is routed via the BVI interface.

As for VPDN, it can be used both for DDR and as the main VPN link in the case that there is no access technology available other than dialup for specific customer sites.

I hope that I've been informative.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.
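The bridge-or-route decision described in the two IRB replies above (local and unroutable traffic is bridged, everything else goes through the BVI as default gateway) can be sketched as follows. This is an added example, not part of the thread or of IOS: the MAC addresses, subnets, port names and function names are constructed, and the model assumes IP is the only protocol enabled for routing on the bridge group.

```python
import ipaddress

BVI_MAC = "00:00:5e:00:53:01"                    # constructed MAC of the BVI
BVI_NET = ipaddress.ip_network("192.0.2.0/24")   # one subnet for the whole bridge group
ROUTABLE = {"ip"}                                # protocols routed for this bridge group
ROUTES = {ipaddress.ip_network("198.51.100.0/24"): "Serial0/0"}  # a routed interface
MAC_TABLE = {"00:00:5e:00:53:0a": "Fa0/0",       # learned MACs on bridge-group ports
             "00:00:5e:00:53:0b": "Fa0/1"}

def host_frame(dst_ip, arp):
    """A bridged host sends on-subnet traffic to the peer's MAC and
    off-subnet traffic to its default gateway, which is the BVI."""
    on_link = ipaddress.ip_address(dst_ip) in BVI_NET
    return {"proto": "ip", "dst_ip": dst_ip,
            "dst_mac": arp[dst_ip] if on_link else BVI_MAC}

def bridge(frame, in_port):
    out = MAC_TABLE.get(frame["dst_mac"])
    if out is None:
        # Unknown destination: flood to every other port in the bridge group.
        return ("flood", sorted(p for p in set(MAC_TABLE.values()) if p != in_port))
    return ("bridge", out)

def irb_forward(frame, in_port):
    """Return (action, egress) for a frame received on a bridge-group port."""
    if frame["proto"] not in ROUTABLE:
        return bridge(frame, in_port)    # unroutable (e.g. LAT): always bridged
    if frame["dst_mac"] != BVI_MAC:
        return bridge(frame, in_port)    # local traffic stays at layer 2
    dst = ipaddress.ip_address(frame["dst_ip"])
    for net, out_if in ROUTES.items():   # addressed to the BVI: hand to routing
        if dst in net:
            return ("route", out_if)
    return ("drop", None)                # no route for the destination

if __name__ == "__main__":
    arp = {"192.0.2.11": "00:00:5e:00:53:0b"}    # constructed ARP cache of host A
    print(irb_forward(host_frame("192.0.2.11", arp), "Fa0/0"))
    print(irb_forward(host_frame("198.51.100.7", arp), "Fa0/0"))
    lat = {"proto": "lat", "dst_ip": None, "dst_mac": "00:00:5e:00:53:0b"}
    print(irb_forward(lat, "Fa0/0"))
```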
