25 configuring vrf lite, 1 vrf and vrf lite overview – CANOGA PERKINS 9175 Configuration Guide User Manual

CanogaOS Configuration Guide

25-1

25 Configuring VRF lite

25.1 VRF and VRF Lite Overview

In the MPLS-VPN model a VPN is defined as a collection of sites sharing a common
routing table. A customer site is connected to the service provider network by one or
more interfaces, where the service provider associates each interface with a VPN routing
table. A VPN routing table is called a VPN routing and forwarding (VRF) table. Figure 1
illustrates the fundamental building blocks of an MPLS-VPN.

Figure 25-1: VRF Topology

VRF-Lite CE extends limited PE functionality to a CE router in an MPLS-VPN model. A
CE router now has the ability to maintain separate VRF tables in order to extend the
privacy and security of an MPLS-VPN down to a branch office rather than just at the PE
router node. Each VRF table can have separate address space.
CE routers use VRF interfaces to form a VLAN-like configuration on the customer side.
Each VRF on the CE router is mapped to a VRF on the PE router. With VRF-Lite CE, the
CE router can only configure VRF interfaces and support VRF routing tables. Multi-VRF
CE extends SOME of the PE functionality to the CE router—there is no label exchange,
there is no LDP adjacency, there is no labeled packet flow between PE and CE. The only
PE-like functionality that is supported is the ability to have multiple VRFs on the CE
router so that different routing decisions can be made. The packets are sent toward the
PE as IP packets.
Benefits of VRF-Lite

• Only one CE router is needed thus simplifying provisioning and network

management rather than a multiple CE router solution.

• CE router has VRF functionality to provid VPN routing information. Less routing

updates to manage on PE route.

• Extends PE routers.