Professional Documents
Culture Documents
Network Virtuliazation, by Aditya Gaur
Network Virtuliazation, by Aditya Gaur
Q: - What is VRF-Lite?
This is sort of Layer three VLAN/VPN that keep control and forwarding table separate
from each other and global routing table for security and other reason.
In other word virtual routing and forwarding (VRF) is a technology that allows
multiple instances of a routing table to co-exist within the same router at the same
time. This increases functionality by allowing network paths to be segmented without
using multiple devices. Because traffic is automatically segregated, VRF also
increases network security and can eliminate the need for encryption and
authentication.
1) Address can overlap in different VRFs
2) VRF also need to attach on particular interface
3) A individual/single interface cannot be attached with multiple VRF
4) By default different VRFs can`t talk to each other
5) You can configure inter-VRF
6) VRF-lite can run Layer three switch and router as well
Notice that now I need to create two instance of ospf since protocol using for entire
router not only for VRF “CA” & “CB”
Here I used “network 0.0.0.0 0.0.0.0 area 0” for all you can more specify the network
on routing protocol
3) Dynamic using EIGRP/RIP/BGP
Need to use address family inside routing protocol
Notice that in eigrp VRF also need to specify the AS that will be locally significant for
particular VRF
VRF-Lite route leaking
Command Purpose
Step 1 Router(config)# ip vrf vrf- Enters VRF configuration mode and define the VPN
name routing instance by assigning a VRF name.
Step 3 Router(config-vrf)# route- Creates a list of import and/or export route target
target {import | communities for the specified VRF.
export | both} route-target-
ext-community
Step 4 Router(config-vrf)# import (Optional) Associates the specified route map with
map route-map the VRF.
Configuration on PE router
Here we importing and exporting the VRFs but will not work until BGP and rest
of configure
(There may be more than two VRF-Lite instance. You can select which one want
to leak)
Go ahead and configure interfaces, VRFs routing and also import BGP on it
Note:- so for we didn’t configure BGP but I am applying here you do it latter
Now configure BGP with address” family ipv4 vrf “and redistribute VRFs
instance on it
(In this scenario we have OSPF 1, 2 named CRA and CRB)
In this configuration I am redistributing VRFs instances which want to leak, you
can also apply route map or desired VRFs only
Step 1 import export VRFs from each other which one you want to
Step 2 Redistributes VRFs instance on BGP so that BGP have those route
which you want to leak. Now BGP is aware to those VRFs route. Here’s
ospf instance 1 and 2 routes
Step 3 Redistributes BGP instance into VRFs (since BGP have all VRFs
route) so VRFs have each other routes by help of BGP
Now verification
Note this note all about it. Command may differ in your IOS because of
Version.
Thanks regard Aditya gaur
In any query you can e-mail me adityakrgaur@gmail.com