VRF
Encyclopedia
In IP-based
computer network
s, Virtual Routing and Forwarding (VRF) is a technology that allows multiple instances of a routing table
to co-exist within the same router at the same time. Because the routing instances are independent, the same or overlapping IP address
es can be used without conflicting with each other.
Alternative meaning of VRF is a VPN Routing and Forwarding, the key element in the Cisco
MPLS
VPN technology. A VRF is a routing table instance, that can exist in one instance or multiple instances per each VPN on a Provider Edge (PE) router.
VRF may be implemented in a network device by distinct routing tables known as forwarding information base
s (FIBs), one per VRF. Alternatively, a network device may have the ability to configure different virtual routers, where each one has its own FIB that is not accessible to any other virtual router instance on the same device.
s. In this implementation, a core backbone network is responsible for the transmission of data across the wide area between VRF instances at each edge location. IPVPNs have been traditionally deployed by carriers to provide a shared wide-area backbone network for multiple customers. They are also appropriate in large enterprise, multi-tenant and shared data centre environments.
In a typical deployment, Customer Edge
(CE) routers handle local routing in a traditional fashion and disseminate routing information into Provider Edge (PE) where the routing tables are virtualised. The PE router then encapsulates the traffic, marks it to identify the VRF instance, and transmits it across the provider backbone network to the destination PE router. The destination PE router then decapsulates the traffic and forwards it to the CE router at the destination. The backbone network is completely transparent to the customer equipment, allowing multiple customers or user communities to utilize the common backbone network while maintaining end-to-end traffic separation.
Routes across the provider backbone network are maintained using an Interior Gateway Protocol
- typically IBGP. IBGP uses extended community attributes in a common routing table to differentiate the customers' routes with overlapping IP addresses.
IPVPN is most commonly deployed across a Multi-protocol Label Switching (MPLS) backbone as the inherent labelling of packets in MPLS lends itself to the identification of the customer VRF. Some IPVPN implementations (notably Nortel's IP-VPN Lite
) utilize a simpler IP-in-IP
encapsulation over a pure IP backbone, eliminating the need to maintain and support an MPLS environment.
Internet Protocol
The Internet Protocol is the principal communications protocol used for relaying datagrams across an internetwork using the Internet Protocol Suite...
computer network
Computer network
A computer network, often simply referred to as a network, is a collection of hardware components and computers interconnected by communication channels that allow sharing of resources and information....
s, Virtual Routing and Forwarding (VRF) is a technology that allows multiple instances of a routing table
Routing table
In computer networking a routing table, or Routing Information Base , is a data table stored in a router or a networked computer that lists the routes to particular network destinations, and in some cases, metrics associated with those routes. The routing table contains information about the...
to co-exist within the same router at the same time. Because the routing instances are independent, the same or overlapping IP address
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
es can be used without conflicting with each other.
Alternative meaning of VRF is a VPN Routing and Forwarding, the key element in the Cisco
Cisco
Cisco may refer to:Companies:*Cisco Systems, a computer networking company* Certis CISCO, corporatised entity of the former Commercial and Industrial Security Corporation in Singapore...
MPLS
Multiprotocol Label Switching
Multiprotocol Label Switching is a mechanism in high-performance telecommunications networks that directs data from one network node to the next based on short path labels rather than long network addresses, avoiding complex lookups in a routing table. The labels identify virtual links between...
VPN technology. A VRF is a routing table instance, that can exist in one instance or multiple instances per each VPN on a Provider Edge (PE) router.
VRF may be implemented in a network device by distinct routing tables known as forwarding information base
Forwarding Information Base
A forwarding information base , also known as a forwarding table, is most commonly used in network bridging, routing, and similar functions to find the proper interface to which the input interface should send a packet to be transmitted by the router.In contrast to routing information bases , also...
s (FIBs), one per VRF. Alternatively, a network device may have the ability to configure different virtual routers, where each one has its own FIB that is not accessible to any other virtual router instance on the same device.
Simple implementation
The simplest form of VRF implementation is VRF Lite. In this implementation, each router within the network participates in the virtual routing environment in a peer-based fashion. While simple to deploy and appropriate for small to medium enterprises and shared data centres, VRF Lite does not scale to the size required by global enterprises or large carriers, as there is the need to implement each VRF instance on every router.Full implementation
The scaling limitations of VRF Lite are resolved by the implementation of IPVPNVirtual private network
A virtual private network is a network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network....
s. In this implementation, a core backbone network is responsible for the transmission of data across the wide area between VRF instances at each edge location. IPVPNs have been traditionally deployed by carriers to provide a shared wide-area backbone network for multiple customers. They are also appropriate in large enterprise, multi-tenant and shared data centre environments.
In a typical deployment, Customer Edge
Customer Edge
The customer edge is the router at the customer premises that is connected to the provider edge of a service provider IP/MPLS network. CE peers with the PE and exchanges routes with the corresponding VRF inside the PE. The routing protocol used could be static or dynamic ....
(CE) routers handle local routing in a traditional fashion and disseminate routing information into Provider Edge (PE) where the routing tables are virtualised. The PE router then encapsulates the traffic, marks it to identify the VRF instance, and transmits it across the provider backbone network to the destination PE router. The destination PE router then decapsulates the traffic and forwards it to the CE router at the destination. The backbone network is completely transparent to the customer equipment, allowing multiple customers or user communities to utilize the common backbone network while maintaining end-to-end traffic separation.
Routes across the provider backbone network are maintained using an Interior Gateway Protocol
Interior gateway protocol
An interior gateway protocol is a routing protocol that is used to exchange routing information within an autonomous system ....
- typically IBGP. IBGP uses extended community attributes in a common routing table to differentiate the customers' routes with overlapping IP addresses.
IPVPN is most commonly deployed across a Multi-protocol Label Switching (MPLS) backbone as the inherent labelling of packets in MPLS lends itself to the identification of the customer VRF. Some IPVPN implementations (notably Nortel's IP-VPN Lite
IP-VPN Lite
IP VPN-Lite is a product from Nortel that provides the ability to run IP Virtual private networks using Multiprotocol BGP extensions across a normal IP backbone infrastructure...
) utilize a simpler IP-in-IP
IP in IP
IP in IP is an IP tunneling protocol that encapsulates one IP packet in another IP packet. To encapsulate an IP packet in another IP packet, an outer header is added with SourceIP, the entry point of the tunnel and the Destination point, the exit point of the tunnel. While doing this the inner...
encapsulation over a pure IP backbone, eliminating the need to maintain and support an MPLS environment.