Vrf-Lite Configuration Guidelines - Cisco Catalyst 4500 series Administration Manual
Hide thumbs
Also See for Catalyst 4500 series:
- Software configuration manual (2086 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Chapter 41
Configuring VRF-lite
Figure 41-1
Figure 41-1
•
•
•
•
To configure VRF, create a VRF table and specify the Layer 3 interface associated with the VRF. You
then configure the routing protocols in the VPN and between the CE and the PE. BGP is the preferred
routing protocol used to distribute VPN routing information across the providers' backbone. The
VRF-lite network has three major components:
•
•
•
VRF-lite Configuration Guidelines
IPv4 and IPv6
•
•
OL_28731-01
Catalyst 4500 Series Switches Acting as Multiple Virtual CEs
VPN 1
CE
Catalyst 4500
Si
switch
VPN 2
illustrates the packet-forwarding process in a VRF-lite CE-enabled network.
When the CE receives a packet from a VPN, it looks up the routing table based on the input interface.
When a route is found, the CE forwards the packet to the PE.
When the ingress PE receives a packet from the CE, it performs a VRF lookup. When a route is
found, the router adds a corresponding MPLS label to the packet and sends it to the MPLS network.
When an egress PE receives a packet from the network, it strips the label and uses the label to
identify the correct VPN routing table. The egress PE then performs the normal route lookup. When
a route is found, it forwards the packet to the correct adjacency.
When a CE receives a packet from an egress PE, it uses the input interface to look up the correct
VPN routing table. If a route is found, the CE forwards the packet within the VPN.
VPN route target communities—Lists all other members of a VPN community. You need to
configure VPN route targets for each VPN community member.
Multiprotocol BGP peering of VPN community PE routers—Propagates VRF reachability
information to all members of a VPN community. You need to configure BGP peering in all PE
routers within a VPN community.
VPN forwarding—Transports all traffic between all VPN community members across a VPN
service-provider network.
A switch with VRF-lite is shared by multiple customers, and all customers have their own routing
tables.
Because customers use different VRF tables, you can reuse the same IP addresses. Overlapped IP
addresses are allowed in different VPNs.
PE
MPLS
network
MPLS-VRF
router
CE = Customer edge device
PE = Provider edge router
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
VRF-lite Configuration Guidelines
CE
PE
Catalyst 4500
Si
switch
MPLS-VRF
router
VPN 1
VPN 2
41-3
Advertisement
Chapters
Table of Contents
Troubleshooting
