Explanation by examples: virtual routing tables (vrf)

1. Create 3 virtual router forwarding (vrf) table entries

In the following example we are going to setup VRF tables and see how they can be applied to ordinary routers. MPLS is not used in this example, which make the workings of VRF a lot easier to explain – and understand.

In the following example “rd” stands for router-distinquisher, and here is

the explanation from the Cisco documenatation:

“The route distinquisher (RD) is either an autonomous system number (ASN)-relative RD,

in which case it is composed of an autonomous system number and an arbitrary number,

or it is an IP-address-relative RD, in which case it is composed of an IP address

and an arbitrary number.

 

•You can enter an RD in either of these formats:

–16-bit autonomous system number: your 32-bit number

For example, 101:3.

–32-bit IP address: your 16-bit number

For example, 192.168.122.15:1. ”

 

(indeed: it still doesn’t explain why we need it..)

 

So here we will just use “1″ for the ASN and a arbitrary number for the next digit after the colon.

 

IUWNE-SW(config)#ip vrf blue

IUWNE-SW(config-vrf)#rd 1:1

IUWNE-SW(config-vrf)#ip vrf red

IUWNE-SW(config-vrf)#rd 1:2

IUWNE-SW(config-vrf)#ip vrf yellow

IUWNE-SW(config-vrf)#rd 1:3

 

 

2. The usage

The next question is: what are we going to do with these?

 

In the example from http://ciscodreamer.blogspot.com/2009/06/vrf-basics.html we can learn that it is eg possible to assign the same IP address to multiple subinterfaces and by

issueing the right VRF, reach individual IP addressess on the other end. Cisco IOS

in this case will not complain about the re-use of the same IP address..

 

Let’s create the subinterfaces and assign VRF’s to each of them:

R1(config)#int fas 0/0.1

R1(config-subif)#encapsulation dot1Q 1

R1(config-subif)#ip vrf forwarding blue

R1(config-subif)#ip address 10.0.0.1 255.255.255.0

R1(config-subif)#no shut

R1(config-subif)#int fas 0/0.2

R1(config-subif)#encapsulation dot1Q 2

R1(config-subif)#ip vrf forwarding red

R1(config-subif)#ip address 10.0.0.1 255.255.255.0

R1(config-subif)#no shut

R1(config-subif)#int fas 0/0.3

R1(config-subif)#ip vrf forwarding yellow

R1(config-subif)#ip address 10.0.0.1 255.255.255.0

R1(config-subif)#encapsulation dot1Q 3

R1(config-subif)#ip address 10.0.0.1 255.255.255.0

R1(config-subif)#no shut

R1(config)#int fas 0/0

R1(config-subif)#no shut

R1(config-subif)#do wri

 

On the switch that we are going to connect to, our router interface will trunk with these 3

subinterfaces, fas0/0.1, .2 and .3.

First let’s check the vrf at work on our router:

R1#sh ip route vrf blue

Routing Table: blue

Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP

D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area

N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

E1 – OSPF external type 1, E2 – OSPF external type 2

i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2

ia – IS-IS inter area, * – candidate default, U – per-user static route

o – ODR, P – periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 1 subnets

C 10.0.0.0 is directly connected, FastEthernet0/0.1

 

 

R1#ping vrf blue 10.0.0.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms

 

Well well.. this is actually working!

 

3. Connecting to remote IP addressess

Now we connect this router interface fas0/0 to a (switchport) trunk and make sure that

the VLANs 1,2,3 each in turn have an access port assigned to them. To these access ports

we connect a device with an IP address. (here we will use routers but that is

besides the point)

 

See the exhibit of GNS3 to check the connections.

 

Hint: in GNS3 click “manual” under the connections drop down menu to pick an individual interface to make sure you get the right NIC’s connected.

 

In the switchport 1 for vlan 1 (vrf red), the IP of the router on the other end is 10.0.0.2:

R1#ping vrf blue 10.0.0.2

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:

!!!!!

 

In the switchport 2mfor vlan 2 (vrf red), the IP of the router on the other end is 10.0.0.3:

R1#ping vrf red 10.0.0.3

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:

!!!!!

In the switchport 3 for vlan 3 (vrf yellow), the IP of the router on the other end is 10.0.0.4:

R1#ping vrf yellow 10.0.0.4

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:

.!!!!

 

So this should be impossible:

R1#ping vrf red 10.0.0.4

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:

…..

Success rate is 0 percent (0/5)

 

Which it is.. Once again.. life in wonderfull.

This entry was posted in Cisco Networking. Bookmark the permalink.

2 Responses to Explanation by examples: virtual routing tables (vrf)

  1. wouche16 says:

    comment on this post. Great post. Very refreshing given all the duplicate content out there. Thanks for doing something original.

  2. Unquestionably believe that which you said. Your favorite reason seemed to be on the net
    the simplest thing to be aware of. I say to you, I definitely get irked
    while people consider worries that they just do not know about.
    You managed to hit the nail upon the top and also defined
    out the whole thing without having side-effects , people could take a signal.
    Will probably be back to get more. Thanks

    Also visit my blog post Dragonvale Hack

Leave a Reply to wouche16 Cancel reply

Your email address will not be published. Required fields are marked *


− 1 = four

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)

What is 13 + 14 ?
Please leave these two fields as-is: