MPLS - Multi-VRF or VRF-Lite

Download

Multi-VRF or VRF-Lite

Multi-VRF, or VRF-Lite (Virtual Routing and Forwarding), is a technology used in networking to enable the creation of multiple independent routing tables within a single physical router. Each VRF functions as a separate routing instance, allowing the router to maintain distinct routing and forwarding tables for different network entities. This segmentation is valuable in scenarios where the same physical infrastructure needs to support multiple virtual networks or customers, ensuring logical isolation of routing information. Multi-VRF is often employed in service provider environments to offer managed services to various customers on a shared network infrastructure while maintaining separation and security. In addition to service providers, enterprises may use VRF-Lite to isolate different departments, projects, or tenants within their network, providing enhanced control over routing and improved network efficiency. Multi-VRF facilitates the coexistence of multiple independent routing domains on a single router, contributing to a more scalable and versatile network architecture.

Lab:

Disclaimer

This Configuration Guide is designed to assist members to enhance their skills in particular technology area. While every effort has been made to ensure that all material is as complete and accurate as possible, the enclosed material is presented on an “as is” basis. Neither the authors nor Forum assume any liability or responsibility to any person or entity with respect to loss or damages incurred from the information contained in this guide. This configuration guide was developed by Forum. Any similarities between material presented in this configuration guide and any other material is completely coincidental.

CE1 Router:

ip cef 
! 
ip vrf vpna 
rd 3:10 
route-target export 3:10
route-target import 3:10 
! 
ip vrf vpnb 
rd 3:20 
route-target export 3:20 
route-target import 3:20 
! 
ip vrf vpnc 
rd 3:30 
route-target export 3:30 
route-target import 3:30 
! 
interface Loopback10 
ip vrf forwarding vpna 
ip address 10.0.0.1 255.255.255.0 
! 
interface Loopback11 
ip vrf forwarding vpnb 
ip address 20.0.0.1 255.255.255.0 
! 
interface Loopback12 
ip vrf forwarding vpnc 
ip address 30.0.0.1 255.255.255.0 
! 
interface FastEthernet0/0.1 
encapsulation dot1Q 10 
ip vrf forwarding vpna 
ip address 150.1.40.2 255.255.255.252 
! 
interface FastEthernet0/0.2 
encapsulation dot1Q 20 
ip vrf forwarding vpnb 
ip address 150.1.40.6 255.255.255.252 
! 
interface FastEthernet0/0.3 
encapsulation dot1Q 30 
ip vrf forwarding vpnc 
ip address 150.1.40.10 255.255.255.252 
! 
router ospf 10 vrf vpna 
capability vrf-lite
network 10.0.0.0 0.0.0.255 area 0 
network 150.1.40.0 0.0.0.3 area 0
! 
router ospf 20 vrf vpnb 
capability vrf-lite
network 20.0.0.0 0.0.0.255 area 0 
network 150.1.40.4 0.0.0.3 area 0 
! 
router ospf 30 vrf vpnc 
capability vrf-lite
network 30.0.0.0 0.0.0.255 area 0 
network 150.1.40.8 0.0.0.3 area 0 
! 
end

CE2 Router:

interface Loopback0 
ip address 203.1.0.2 255.255.255.255 
! 
interface Loopback1 
ip address 203.1.2.1 255.255.255.0
! 
interface FastEthernet0/0 
ip address 150.1.31.6 255.255.255.252 
! 
router ospf 10 
network 0.0.0.0 255.255.255.255 area 0 
! 
end

CE3 Router:

interface Loopback0 
ip address 203.1.0.3 255.255.255.255 
! 
interface Loopback1 
ip address 203.1.3.1 255.255.255.0 
! 
interface FastEthernet0/0 
ip address 150.1.31.14 255.255.255.252 
! 
router ospf 20 
network 0.0.0.0 255.255.255.255 area 0 
! 
end

CE4 Router:

interface Loopback0 
ip address 203.1.0.4 255.255.255.255 
! 
interface Loopback1 
ip address 203.1.4.1 255.255.255.0 
! 
interface FastEthernet0/0 
ip address 150.1.31.18 255.255.255.252 
! 
router ospf 30 
network 0.0.0.0 255.255.255.255 area 0 
! 
end

PE1 Router:

ip cef 
! 
ip vrf vpna 
rd 3:10 
route-target export 3:10 
route-target import 3:10 
! 
ip vrf vpnb 
rd 3:20 
route-target export 3:20 
route-target import 3:20 
! 
ip vrf vpnc 
rd 3:30 
route-target export 3:30 
route-target import 3:30 
! 
mpls label protocol ldp 
! 
interface Loopback0 
ip address 192.168.3.1 255.255.255.255 
no ip directed-broadcast 
! 
interface FastEthernet0/0.1 
encapsulation dot1Q 10 
ip vrf forwarding vpna 
ip address 150.1.40.1 255.255.255.252 
no ip directed-broadcast
! 
interface FastEthernet0/0.2 
encapsulation dot1Q 20 
ip vrf forwarding vpnb 
ip address 150.1.40.5 255.255.255.252 
no ip directed-broadcast 
! 
interface FastEthernet0/0.3 
encapsulation dot1Q 30 
ip vrf forwarding vpnc 
ip address 150.1.40.9 255.255.255.252 
no ip directed-broadcast 
! 
interface Serial2/0 
description *** Link to PE2 *** 
ip address 192.168.3.22 255.255.255.252 
tag-switching ip 
! 
router ospf 10 vrf vpna 
redistribute bgp 3 subnets 
network 150.1.40.0 0.0.0.3 area 0 
! 
router ospf 20 vrf vpnb 
redistribute bgp 3 subnets 
network 150.1.40.4 0.0.0.3 area 0 
! 
router ospf 30 vrf vpnc 
redistribute bgp 3 subnets 
network 150.1.40.8 0.0.0.3 area 0 
! 
router ospf 1 
network 192.168.3.0 0.0.0.255 area 0 
! 
router bgp 3 
no synchronization 
bgp log-neighbor-changes 
network 192.168.3.1 mask 255.255.255.255 
neighbor 192.168.3.2 remote-as 3 
neighbor 192.168.3.2 update-source 
Loopback0 
no auto-summary 
! 
address-family vpnv4 
neighbor 192.168.3.2 activate
neighbor 192.168.3.2 send-community 
extended 
exit-address-family
! 
address-family ipv4 vrf vpnc 
redistribute ospf 30 vrf vpnc 
no synchronization 
exit-address-family 
! 
address-family ipv4 vrf vpnb 
redistribute ospf 20 vrf vpnb 
no synchronization 
exit-address-family 
! 
address-family ipv4 vrf vpna 
redistribute ospf 10 vrf vpna 
no synchronization 
exit-address-family 
! 
tag-switching tdp router-id Loopback0 
end

P Router:

ip cef 
! 
mpls label protocol ldp 
! 
interface Loopback0 
ip address 192.168.3.5 255.255.255.255 
no ip directed-broadcast 
! 
interface Serial2/0 
ip address 192.168.3.14 255.255.255.252 
tag-switching ip 
! 
interface Serial2/1 
ip address 192.168.3.17 255.255.255.252 
tag-switching ip 
! 
router ospf 1 
network 192.168.3.0 0.0.0.255 area 0 
! 
tag-switching tdp router-id Loopback0 
! 
end

PE3 Router:

ip cef 
! 
ip vrf vpnb 
rd 3:20
route-target export 3:20 
route-target import 3:20 
! 
mpls label protocol ldp 
! 
interface Loopback0 
ip address 192.168.3.3 255.255.255.255 
! 
interface FastEthernet0/0 
ip vrf forwarding vpnb 
ip address 150.1.31.13 255.255.255.252 
! 
interface Serial2/0 
ip address 192.168.3.13 255.255.255.252 
tag-switching ip 
! 
interface Serial2/1 
ip address 192.168.3.10 255.255.255.252 
tag-switching ip 
! 
router ospf 20 vrf vpnb 
redistribute bgp 3 subnets 
network 150.1.0.0 0.0.255.255 area 0 
! 
router ospf 1 
network 192.168.3.0 0.0.0.255 area 0 
! 
router bgp 3 
no synchronization 
network 192.168.3.3 mask 255.255.255.255 
neighbor 192.168.3.2 remote-as 3 
neighbor 192.168.3.2 update-source Loopback0 
neighbor 192.168.3.2 route-reflector-client 
neighbor 192.168.3.4 remote-as 3 
neighbor 192.168.3.4 update-source Loopback0 
neighbor 192.168.3.4 route-reflector-client 
no auto-summary 
! 
address-family vpnv4 
neighbor 192.168.3.2 activate
neighbor 192.168.3.2 send-community extended 
neighbor 192.168.3.4 activate 
neighbor 192.168.3.4 send-community extended 
neighbor 192.168.3.4 route-reflector-client 
exit-address-family 
! 
address-family ipv4 vrf vpnb 
redistribute ospf 20 vrf vpnb 
no synchronization 
exit-address-family 
! 
tag-switching tdp router-id Loopback0 
! 
end

PE2 Router:

ip cef 
! 
ip vrf vpna 
rd 3:10 
route-target export 3:10 
route-target import 3:10 
! 
mpls label protocol ldp 
! 
interface Loopback0 
ip address 192.168.3.2 255.255.255.255 
! 
interface FastEthernet0/0 
ip vrf forwarding vpna 
ip address 150.1.31.5 255.255.255.252 
! 
interface Serial2/0 
ip address 192.168.3.21 255.255.255.252 
tag-switching ip 
! 
interface Serial2/1 
ip address 192.168.3.18 255.255.255.252 
tag-switching ip 
! 
router ospf 10 vrf vpna 
redistribute bgp 3 subnets 
network 150.1.0.0 0.0.255.255 area 0 
! 
router ospf 1 
network 192.168.3.0 0.0.0.255 area 0 
! 
router bgp 3 
no synchronization 
network 192.168.3.2 mask 255.255.255.255 
neighbor 192.168.3.1 remote-as 3 
neighbor 192.168.3.1 update-source 
Loopback0 
neighbor 192.168.3.1 route-reflector-client 
neighbor 192.168.3.3 remote-as 3 
neighbor 192.168.3.3 update-source 
Loopback0 
neighbor 192.168.3.3 route-reflector-client 
no auto-summary 
! 
address-family vpnv4 
neighbor 192.168.3.1 activate 
neighbor 192.168.3.1 send-community 
extended 
neighbor 192.168.3.1 route-reflector-client 
neighbor 192.168.3.3 activate 
neighbor 192.168.3.3 send-community 
extended 
exit-address-family 
address-family ipv4 vrf vpna 
redistribute ospf 10 vrf vpna 
no synchronization 
exit-address-family 
! 
tag-switching tdp router-id Loopback0 
! 
end

PE4 Router:

ip cef 
! 
ip vrf vpnc 
rd 3:30 
route-target export 3:30 
route-target import 3:30 
! 
mpls label protocol ldp 
! 
interface Loopback0 
ip address 192.168.3.4 255.255.255.255 
! 
interface FastEthernet0/0 
ip vrf forwarding vpnc 
ip address 150.1.31.17 255.255.255.252 
! 
interface Serial2/1 
ip address 192.168.3.9 255.255.255.252 
tag-switching ip 
! 
router ospf 30 vrf vpnc 
redistribute bgp 3 subnets 
network 150.1.0.0 0.0.255.255 area 0 
! 
router ospf 1 
network 192.168.3.0 0.0.0.255 area 0 
! 
router bgp 3 
no synchronization 
network 192.168.3.4 mask 255.255.255.255 
neighbor 192.168.3.3 remote-as 3 
neighbor 192.168.3.3 update-source 
Loopback0 
no auto-summary 
! 
address-family vpnv4 
neighbor 192.168.3.3 activate 
neighbor 192.168.3.3 send-community 
extended 
exit-address-family 
! 
address-family ipv4 vrf vpnc 
redistribute ospf 30 vrf vpnc 
no synchronization 
exit-address-family 
! 
tag-switching tdp router-id Loopback0 
! 
end