[c-nsp] Is this config even possible?

Jeff Kell jeff-kell at utc.edu
Tue May 22 00:23:02 EDT 2007


Lamar Owen wrote:
> On Monday 14 May 2007, Tuc at T-B-O-H.NET wrote:
>   
>> I've never used VRF. Any dummies guides out there? I did a quick
>> Google and found some more involved things, but I'm looking for something
>> that starts basic to build the foundation.
>>     
>
> The Ciscopress book 'Network Virtualization' has an excellent introduction and 
> explanation of the technology.
>   

You would think that "something" would be online and understandable by 
now, but alas, none that I have been able to find.

The basic concept is straightforward -- what vlans do for layer 2, VRFs 
do for layer 3.  L2 interfaces are assigned to vlans and default to vlan 
1.  L3 interfaces are assigned to VRFs and default to the global VRF.  
Vlans have their own MAC address tables to determine addressing 
[switching] within a vlan.  VRFs have their own forwarding tables to 
determine addressing [routing] within a VRF.  Each Vlan is like an 
independent "dumb switch".  Each VRF is like an independent "dumb router".

The complexity arises when you connect one VRF switch/router to 
another, then all bets are off :-)

For L2 vlan switch link "uplink aggregation", you conceptually "trunk" 
switches together.  Exactly how you do this may vary (ISL, dot1q, 
subinterfaces, PVCs, multiple uplinks) and there are bells and whistles 
you can add (RSPAN, PVLANs, QinQ, vlan mapping).

For L3 VRF link "uplink aggregation", the purest form is true MPLS, 
which prepends the VRF tag to the L3 packets, like an L2 trunk prepends 
a vlan tag.

But there are other ways of doing this besides MPLS:

* using an L2 trunk, each VRF uplink having its own dedicated vlan, but 
this requires you "own" the trunk from point to point,

* tunneling each VRF over a common L3 point-to-point "carrier"

The real fun comes in routing between your VRFs.  You can do this 
statically (with some restrictions and esoteric configuration) or 
dynamically with BGP in your PEs.  And at this point, I'm still at the 
learning stage, so I won't pretend to offer any authoritative advice.  
If you want some further best guesses, contact me offline.  If you have 
some further pointers, let us all know :-)

Jeff
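
Added example, not part of the original post: a small Python model of the idea described above, with one forwarding table per VRF, L3 interfaces defaulting to the global table, and a dedicated vlan per VRF on an L2 trunk. The interface names, VRF names (RED, BLUE), vlan numbers and documentation-range next hops are all constructed for illustration.

```python
import ipaddress

GLOBAL = "global"  # name used here for the default (global) routing table

class Router:
    def __init__(self):
        self.fib = {GLOBAL: []}   # vrf name -> list of (network, next hop)
        self.if_vrf = {}          # interface name -> vrf name
        self.vlan_if = {}         # dot1q tag on the trunk -> subinterface

    def add_interface(self, name, vrf=GLOBAL, vlan=None):
        # An L3 interface lands in the global table unless assigned to a VRF.
        self.fib.setdefault(vrf, [])
        self.if_vrf[name] = vrf
        if vlan is not None:
            self.vlan_if[vlan] = name

    def add_route(self, vrf, prefix, next_hop):
        self.fib.setdefault(vrf, []).append((ipaddress.ip_network(prefix), next_hop))

    def lookup(self, in_if, dst):
        """Longest-prefix match using only the ingress interface's VRF table."""
        vrf = self.if_vrf[in_if]
        addr = ipaddress.ip_address(dst)
        hits = [(net, nh) for net, nh in self.fib[vrf] if addr in net]
        if not hits:
            return vrf, None      # no route in this VRF: drop, never fall through
        return vrf, max(hits, key=lambda h: h[0].prefixlen)[1]

    def lookup_tagged(self, vlan, dst):
        """Frame arriving on the trunk: the vlan tag selects the subinterface."""
        return self.lookup(self.vlan_if[vlan], dst)

def build_demo():
    r = Router()
    r.add_interface("Gi0/0")                       # unassigned: global table
    r.add_interface("Gi0/1.10", "RED", vlan=10)    # trunk vlan 10 carries RED
    r.add_interface("Gi0/1.20", "BLUE", vlan=20)   # trunk vlan 20 carries BLUE
    r.add_route("RED", "10.1.0.0/16", "192.0.2.1")
    r.add_route("RED", "10.1.5.0/24", "192.0.2.5")
    r.add_route("BLUE", "10.1.0.0/16", "198.51.100.1")  # same prefix, other VRF
    r.add_route(GLOBAL, "0.0.0.0/0", "203.0.113.1")
    return r

if __name__ == "__main__":
    r = build_demo()
    for vlan in (10, 20):
        print(vlan, r.lookup_tagged(vlan, "10.1.5.9"))
    print(r.lookup("Gi0/0", "10.1.5.9"))
```

The same destination resolves to a different next hop depending on which vlan the frame arrived on, and a destination with no route in a VRF is dropped rather than leaking into the global table.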

