Tuesday, April 10, 2012

VRF: Virtual Routing & Forwarding


  • VRF:
    • VRF tables are the fundamental building block for virtualizing a router, it turn into multiple virtual routers.
    • Technically VRF is a separate RIB(Routing Information Base) & FIB (Forward Information Base)
    • Any interface on the router could be assigned to a VRF.
      • using command "ip vrf forwarding <name>"
      • this command will erase all existing ip address config on the interface (to avoid duplication)
      • After this configuration, all packets recevied on the interface are routed & forwarded using the associated VRF table.
      • VRF enabled interfaces are not showed in global routing table
        • i.e show ip route
      • Each VRF has its own routing table
        • to see this routing table use "show ip vrf "
    • Interfaces showed in global routing table are not in any vrf.
      • i.e. VRF & global routes are separate.
    • VRFs without MPLS is considered as "VRF Lite"
    • If 2 VRFs have same ip prefix but they cannot route to each other.
      • Because they are separately labeled.
    • We cannot manually leak the traffic between VRFs by creating static routes.
      • i.e. interfaces are route with other interfaces which are in same VRF.
    • BGP is enhanced to handle VRF specific routes.
      • A new sepcial MP-BGP address family named "VPN IPv4" has been added to bgp along with new NLRI format.
    • To support multiple customers in MPLS VPN, VRF tables were used.
      • VRF tables are used to store routes separately for different customer VPNs.
      • The use of separate tables solves some problems:
        • Leakage packets from one customer to another due to overlapping prefixes
    • VRF has 3 main components:
      • An IP routing table (RIB)
      • A CEF FIB, populated based on that VRF's RIB
      • A separate process of the routing protocol used to exchange routes with the CE's.