VPN routing/forwarding (VRF)

VRF is a feature that allows a router to support VPNs, where IP addresses can be overlapped among the VPNs. A router which does not run MPLS and only VRFs is called VRF-lite.

VRF-lite uses input interfaces to distinguish routes for different VPNs and forms virtual routing tables by associating one or more Layer 3 interfaces with each VRF. Interfaces in a VRF can be either physical, such as Ethernet ports, or logical, such as VLAN SVIs. An interface cannot belong to more than one VRF at any time.

VRFs in addition can use MPLS tags to identify traffic that is associated with  a VRF.

VRFs can support either IPv4 or IPv6 traffic. They are defined as follows:

IPv4 Only

Router(config)# ip vrf vrf2

Router(config-vrf)# rd 2:2

Router(config-vrf)# route-target import 2:2

Router(config-vrf)# route-target export 2:2

Router(config-vrf)# end

IPv6 + IPv4 (Common Policy)

Router(config)# vrf definition vrf2

Router(config-vrf)# rd 2:2

Router(config-vrf)# route-target import 2:2

Router(config-vrf)# route-target export 2:2

Router(config-vrf)# end

 

IPv6 Only

Router(config)# vrf definition vrf2

Router(config-vrf)# rd 2:2
Router(config-vrf)# address-family ipv6

Router(config-vrf)# route-target import 3:3
Router(config-vrf)# route-target export 3:3
Router(config-vrf)# exit-address-family
Router(config-vrf)# end


 

 

Route Distinguisher

Route Distinguisher is used for making the prefixes unique in the network. This allows VPNs with overlapping IP addresses. It contains eight hexadecimal bytes. The first two hexadecimal bytes specify the format of the remaining six bytes:
  • Type 0 – If bytes 1 and 2 are 00 00
      • bytes 3 and 4 specify the 16-bit autonomous system (AS) number, and bytes 5 to 8 specify a unique 32-bit identifier. (rd 64000:1)
  • Type 1 – If bytes 1 and 2 are 00 01
      • bytes 3 to 6 specify the 32-bit IP address, and bytes 7 and 8 specify a unique 16-bit identifier. (rd 10.10.10.15:1)
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s