Reference Guide
Virtual Routing and Forwarding (VRF)
Virtual Routing and Forwarding (VRF) allows a physical router to partition itself into multiple Virtual Routers (VRs). The control
and data plane are isolated in each VR so that traffic does NOT flow across VRs.Virtual Routing and Forwarding (VRF) allows
multiple instances of a routing table to co-exist within the same router at the same time.
Topics:
• VRF Overview
• VRF Configuration Notes
• VRF Configuration
• Sample VRF Configuration
• Route Leaking VRFs
• Dynamic Route Leaking
VRF Overview
VRF improves functionality by allowing network paths to be segmented without using multiple devices. Using VRF also increases
network security and can eliminate the need for encryption and authentication due to traffic segmentation.
Internet service providers (ISPs) often take advantage of VRF to create separate virtual private networks (VPNs) for
customers; VRF is also referred to as VPN routing and forwarding.
VRF acts like a logical router; while a physical router may include many routing tables, a VRF instance uses only a single routing
table. VRF uses a forwarding table that designates the next hop for each data packet, a list of devices that may be called upon
to forward the packet, and a set of rules and routing protocols that govern how the packet is forwarded. These VRF forwarding
tables prevent traffic from being forwarded outside a specific VRF path and also keep out traffic that should remain outside the
VRF path.
VRF uses interfaces to distinguish routes for different VRF instances. Interfaces in a VRF can be either physical (Ethernet port
or port channel) or logical (VLANs). You can configure identical or overlapping IP subnets on different interfaces if each
interface belongs to a different VRF instance.
58
Virtual Routing and Forwarding (VRF) 773