Beruflich Dokumente
Kultur Dokumente
÷ , meaning ÷
, is a technology implemented in the IP network
routers that allows multiple instances of a routing table to exist on the same router in the same
time. Since each VRF is independent, the same IP subnet can exist in 2 different VRFs. Basically
you can overlap one IP address in 2 VRFs but without conflicting with each other. Even this is
possible, I would not suggest doing so, unless you have a very good reason to do it.
Another meaning of VRF is VPN Routing and Forwarding which is a key element in
÷ technology. Internet service providers often take
advantage of VRF to create separate virtual private networks (VPNs) for customers. Some
advantages of using this technology is than an ISP can provision scalable IP MPLS VPN
services, generate reports (e.g. audit for services), Service Level Agreements (SLA) contracts
and more«
To summarize, virtual networks enable administrators to split a physical link into multiple virtual
links completely isolated one from the others. Typically, a virtual network will be dedicated to
traffic from a specific application or from a specific users / customers.
Now that we clarify the basic of what is and how it works, let¶s see where is VRF used the most.
As you maybe guess already, this is in the MPLS VPN environment, due to the fact that in
today¶s business granularity is very important and VRF help network engineers to isolate and
provide security for its customers in an ISP environment or to separate services in an Intranet
environment. As you probably already know, MPLS functionality is based on
, and routers. Each of these routers must
be configured in order for MPLS to work within an enterprise¶s architecture. I describe a little bit
the MPLS technology, so you can understand better the topology presented below and then
following configuration example:
The route distinguisher (RD) is a number which help identify a VPN in a provider¶s network and
allow for overlapping IP space.
The route target (RT) indicates the VPN membership of a route and allows VPN routes to be
imported or exported into or out of your VRFs. The RT functions a little like a routing policy ²
determining how routes are distributed throughout the particular VPN.
or
Router(config)# !"
3. Creates a list of import and/or export route target communities for the specified VRF.
Router(config-vrf)#
"
4. (Optional step) Associates the specified route map with the VRF.
Router(config-vrf)#
"
Router(config)#
#
To check your configuration, you can use ping or traceroute tools under Cisco CLI, but
remember that you have to use ³vrf vrf-name´ parameter:
Router# !"
$"
In some of the following posts, I will present a VRF implementation following a real
environment topology, but until then I hope you understood the basics of VRF functionality. It¶s
not hard to implement (from case to case it might be due to local topologies and technology) but
it can help you to have a more granular connections and makes troubleshooting more easy,
especially in the environments which have a lot of IP addresses under management.