VRF Lite Configuration on Cisco IOS

davidilles · September 4, 2023, 2:19pm

Hello everyone!

Awesome lesson, thank you so much. However, there are a few things that are not clear to me.

First, where exactly would VRF Lite be used? Are there any examples for this?

I can see how VRF could be used in an MPLS deployment, as the ISP may have a lot of customers there with duplicate private IP space. However, when it comes to VRF Lite, in what situations would we want to use it?

Thank you in advance for your help.

David

lagapidis · September 7, 2023, 4:51am

Hello David

VRF is typically employed with MPLS. However, when VRF is used without MPLS, it is called VRF-lite. What are some use cases for VRF lite? Well here is a partial list:

To serve multi-tenancy: If you have a single network infrastructure, you can create VRFs for each tenant within a building to create their own virtual network topology, thus freeing individual tenants within a building to use their own addressing scheme.
Used with EVN: Easy VIrtual Network is a feature that uses VRF-lite to create multiple routing tables within a routing infrastructure.
Used with LISP: When deploying LISP, VRFs can be used to implement virtualization. LISP supports this by binding the instance ID to VRFs and EID VRFs./box]

Additional uses can include:

Data and Voice segregation - Beyond using just VLANs, you can use different VRFs to route each type of traffic
Isolation of Management Traffic
Migrating networks and integrating mergers
Enhancing network security
Simplifying routing policies

I hope this has been helpful!

Laz

davidesmith681 · May 14, 2024, 10:51am

I recently built a lab with VRF. But I did not understand the purpose of putting a interface and an ip address for the next hop
Ex: ip route 0.0.0.0 0.0.0.0 gi0/0 10.1.2.1

I am use to seeing just the ip address
Ex: ip route 0.0.0.0 0.0.0.0 10.1.2.1

When is it necessary to use both?

lagapidis · May 15, 2024, 11:32am

Hello David

What you are referring to is called a “Fully Specified Route”. Such a route in the routing table includes both the exit interface and the next hop IP address in the entry. You can also have a route that has only the exit interface or a route that has only the next hop IP. Whether a fully specified route or not, all of these are acceptable, however, they function a little bit differently when we perform a routing table lookup.

Take a look at this NetworkLessons note on the topic for more information. Note that this behavior is independent of whether or not you use VRFs.

If you have further questions, don’t hesitate to ask!

I hope this has been helpful!

Laz

sathish84be · August 25, 2024, 8:44am

Thank you for the explanation . i dont see the DN bit in ospf header as well in the LSAs packet. Could you please provide more details on DN and other bits as well.

lagapidis · August 27, 2024, 8:31am

Hello Sathish

The Down Bit or the DN bit can be found within the Options section of an LSA found within the payload of an OSPF message. Take a look at this screenshot of a packet capture to see where you can find it:

The DN bit is found in all LSAs as well as in DB description messages, and is used for much the same purpose. You can find out more information about it at this post, which also includes links…

I hope this has been helpful!

Laz