cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1277
Views
0
Helpful
8
Replies

VRF

carl_townshend
Spotlight
Spotlight

Can anyone tell me what these are and how they work ? I have been told my 34mbs dsl uses vrf's to route to each dsl line ?

8 Replies 8

r.sneekes
Level 1
Level 1

VRF = Virtual Route Forwarding.

See it as an L3 vlan.

Each vrf within a router has his own routing table/ arp table etc..and specific interfaces that are part of this VRF

An interface which operates in a vrf can't pass traffic to an interface of an other vrf.

So VRF's make it possible to use overlaping ip adressen, within the same hardware box and at the same time seperates the traffic from each VRF.

This way providers can serve multiple customers with the same hardware box.

In previous days each costumers would often need his own router in order to prevent ip overlapping within the same router.

thanks for that, so my 34mbs cisco router, has these set up, would the router route between these vrf's ? are they simple to set up ? can you show me an example ?

Carl,

Refer the below URL for setting up Basic MPLS VPN Configuration.

http://www.cisco.com/en/US/tech/tk436/tk428/technologies_configuration_example09186a00800a6c11.shtml

I hope it helps.

Regards,

Arul

There are two types of VRFs: VRF and VRF-Lite. The first type, VRF, is typically implemented together with MPLS. This type of VRF (can) have global scope.

The second type, VRF-Lite, is implemented by itself. No MPLS. This type of VRF is locally significant on the device where it is created. Most Cisco routers support multiple VRFs (either "full" or "lite"), but only switches from Catalyst 4948 above support VRF-Lite, and even less support MPLS/VRF.

Configuring VRF-Lite is fairly straightforward, although there are a few gotchas associated to the max number of interfaces that can be associated to a VRF (e.g. on Cat 4948, you can only configure up to 44 SVIs/VLANs in a VRF), or the number of VRFs supported on a device.

Below is a rough example of configuring VRF-Lite on a switch (which is virtually identical to routers, except routers don't normally have SVI's/VLAN interfaces)

ip vrf test !creates a VRF called "test"

rd 1:1 ! route distinguisher for "test" VRF

route-target both 1:1 ! route target for "test" VRF

interface vlan10

ip address 10.10.10.1 255.255.255.0

ip vrf-forwarding test

Note that because VRF-Lite is only locally significant, route distinguisher and route target can be configured with any value you want. They don't have to match with any other values configured on other switches/routers. In fact, two devices that are directly connected to each other, interface on one can be configured as part of a VRF, while the other is not. But both devices will still be able to talk without any problem. Again, this is because of the local-significance of VRF-Lite.

HTH.

so whats the diff between setting this up on a router and switch, do you just create as many logical vrf's on the router as you want ? I thought the router would route between them ? also does each vrf have its own ip address, and are they like point to point connections ? or just a private lan

There is no real difference with VRFs on switches or routers. It comes down to where you need the logical separation. I have seen cases whereby logical separations are required on the LAN, but not WAN, as well as the other way around.

As I said in the previous post, there's no routing between VRFs on a single Layer-3 device. The only way to do this is in MPLS implementation, where you actually export/import one VRF into another. In a VRF-Lite implementation, routing b/w VRFs can only be done on a "higher routing plain" that do not have VRF-Lite enabled (i.e. no logical separation of routing tables).

As far as IP addressing goes, I have not tried configuring multiple VRFs with overlapping addresses. Logicall seems possible, but unless you're a service provider, there's no point. It'll make the network harder to manage. Overlapping IP addresses between different VRFs are typically more prevalent in service provider environment with MPLS.

Think of VRF as "virtual router". That's the easiest way to get your head around it. It's not private VLAN. Quite different.

HTH.

mchoo2005
Level 1
Level 1

BTW, forgot to add 1 more thing in my previous post: to answer your question about routing between VRFs, it's NOT possible with VRF-Lite, but can be achieved with MPLS/VRF. It's quite complicated really, but to put it simply, in MPLS/VRF, inter-VRF routing is achieved by importing/exporting one route-target to another.

Cheers

Not completely true. It IS possible to route between VRF's in vrf-Lite. Just enable BGP and the use import/export route-tagets.

It is also possible to route between a vrf and

the global table without the use of bgp or import/export.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: