If you are keen and interested in Virtualization then VRF (Virtual Routing and Forwarding) is the technology you should definately have a look.
VRF , also known as VPN routing and forwarding.
Virtual routing and forwarding (VRF) is a technology included in IP (Internet Protocol) network routers that allows multiple instances of a routing table to exist in a router and work simultaneously. This increases functionality by allowing network paths to be segmented without using multiple devices. Because traffic is automatically segregated, VRF also increases network security and can eliminate the need for encryption and authentication. Internet service providers (ISPs) often take advantage of VRF to create separate virtual private networks (VPNs) for customers.
Each VRF acts as a separate router. Each router will have its own interfaces and its own routing table. The routes in the routing table of one VRF are not visible in any other VRF neither in the global routing table.
VRFs are to Layer 3 what VLANs are to layer 2. They provide a fully isolated network path. Nothing can map from one to the other without the administrator creating a link. VRFs are most common in service providers MPLS networks to isolate different customers. They also can have a roll in corporate networks as well in the form of VRF-lite. Let’s look at a sample deployment scenario: You have two internet connections, one for guest users and one for corporate users. Each is required to be completely isolated from the other. You have VLANs to separate these two classes of users within your network as well. Your network has grown to the point of needing routing inside the corporate network. Enter VRFs. Let’s look at the design in the image below:
The
Blue lines indicate our corporate network while Red is the guest
network. Each has its own path to the internet despite the fact common
hardware is in use.
VRF , also known as VPN routing and forwarding.
Virtual routing and forwarding (VRF) is a technology included in IP (Internet Protocol) network routers that allows multiple instances of a routing table to exist in a router and work simultaneously. This increases functionality by allowing network paths to be segmented without using multiple devices. Because traffic is automatically segregated, VRF also increases network security and can eliminate the need for encryption and authentication. Internet service providers (ISPs) often take advantage of VRF to create separate virtual private networks (VPNs) for customers.
Each VRF acts as a separate router. Each router will have its own interfaces and its own routing table. The routes in the routing table of one VRF are not visible in any other VRF neither in the global routing table.
VRFs are to Layer 3 what VLANs are to layer 2. They provide a fully isolated network path. Nothing can map from one to the other without the administrator creating a link. VRFs are most common in service providers MPLS networks to isolate different customers. They also can have a roll in corporate networks as well in the form of VRF-lite. Let’s look at a sample deployment scenario: You have two internet connections, one for guest users and one for corporate users. Each is required to be completely isolated from the other. You have VLANs to separate these two classes of users within your network as well. Your network has grown to the point of needing routing inside the corporate network. Enter VRFs. Let’s look at the design in the image below:
VRFs split a routed network while VLANs split a switched network
No comments:
Post a Comment