3.8

Configure and verify VRF Lite

VPN Routing/Forwarding (VRF) Lite is a subset of features provided by VRF that a Customer Edge (CE) Router uses. VRF is designed for Provider Edge (PE) Routers. It can be used when multiple customers share a router. VRF has the full MP-BGP across the MPLS. VRF Lite would be used if two customers both require access to the MPLS ISP through the same CE Router.

VPN Routing/Forwarding (VRF) does not protect data in transit as regular VPNs do. Instead, it protects data at the router by separating routing instances from each other.

VRF Lite is common on MPLS networks where clients must be isolated from each other for privacy and stability as it allows customers to have separate routing tables on a router. Isolation allows customers to use different routing protocols and overlapping address spaces. A good comparison of equivalence would be VLANs at Layer 3 or VMs running on a hypervisor.

In VRF Lite, routes can only be shared between VRFs when they are redistributed or when using GRE tunnels are in place to mask the VRF boundary.

 

Customer 1 Config

CE(config)# router ospf 1
CE(config-router)# network 192.168.0.0 0.0.0.255 area 0
CE(config-router)# network 172.16.31.0 0.0.255.255 area 0
CE(config-router)# network 10.221.1.0 0.0.0.3 area 0
CE(config)# interface g1/0
CE(config)# ip ospf network point-to-point

Customer 2 Config

CE(config)# router ospf 1
CE(config-router)# network 192.168.0.0 0.0.0.255 area 0
CE(config-router)# network 172.16.22.0 0.0.255.255 area 0
CE(config-router)# network 10.221.1.4 0.0.0.3 area 0
CE(config)# interface g1/0
CE(config)# ip ospf network point-to-point

ISP Config

PE(config)# ip vrf Customer_1
PE(config-vrf)# description Customer_1_metroEthernet
PE(config)# ip vrf Customer_2
PE(config-vrf)# description Customer_2_metroEthernet
PE(config)# interface g1/0.1
PE(config-subif)# ip vrf forwarding Customer_1
PE(config-subif)# ip add 10.221.1.1 255.255.255.252
PE(config)# interface g1/0.2
PE(config-subif)# ip vrf forwarding Customer_2
PE(config-subif)# ip add 10.221.1.5 255.255.255.252
PE(config)# router ospf 1 vrf Customer_1
PE(config-router)# network 10.221.1.0 0.0.0.3 area 0
PE(config-router)# default-information originate always
PE(config)# router ospf 2 vrf Customer_2
PE(config-router)# network 10.221.1.4 0.0.0.3 area 0
PE(config-router)# default-information originate always

VRF Show commands

show ip vrf interfaces
show ip route
show ip route vrf Customer_1
show ip route vrf Customer_2

Add a new branch for Customer _1

PE(config)# int loopback 101
PE(config-if)# ip vrf forwarding Customer_1
PE(config-if)# ip address 192.168.1.1 255.255.255.0
PE(config-if)# ip ospf network point-to-point
PE(config-if)# ip ospf 1 area 0

If you need a new website or your website needs updating go to https://10kinds.tech.

10 Kinds Technology
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram