Example for Configuring Basic VRF

Owned by Tracy Yang (Unlicensed)
Apr 26, 2023
3 min read


Networking Requirements

Figure 1. VRF Configuration Example

As shown in Figure 1, users of Site1 and Site2 use overlapping IP addresses when accessing the internet from an interface of CE. Deploy VRF function on the CE to segregate the users' routing spaces on Site1 and Site2.

  •  Configure VRFs vrf1 and vrf2 on CE.
  •  Create Layer 3 VLAN interfaces VLAN10 and VLAN20 on user access interface te-1/1/3, Layer 3 VLAN interfaces VLAN11 and VLAN21 on the interface te-1/1/4 connected to PE. Set the overlapping IP address 172.168.1.1 to VLAN10 and VLAN20, 192.168.2.1 to VLAN11 and VLAN21.
  •  Bind the Layer 3 VLAN interfaces VLAN10 and VLAN11 to vrf1, VLAN20 and VLAN21 to vrf2.
  •  Configure a static route for each VRF for data forwarding. For example, the destination network segment is 10.10.1.0/24, the next hop is 172.168.1.3.

Procedure

Step1         Enable IP routing function before using VRF function.

 admin@XorPlus# set ip routing enable true

Step2        Create two VRFs.

admin@Xorplus# set ip vrf vrf1 description East
admin@Xorplus# set ip vrf vrf2 description West

Step3         Configure the VLAN and L3 VLAN interface.

admin@XorPlus# set vlans vlan-id 10
admin@XorPlus# set vlans vlan-id 20
admin@XorPlus# set vlans vlan-id 11
admin@XorPlus# set vlans vlan-id 21
admin@XorPlus#set interface gigabit-ethernet te-1/1/3 family ethernet-switching port-mode trunk
admin@XorPlus#set interface gigabit-ethernet te-1/1/3 family ethernet-switching vlan members 10
admin@XorPlus#set interface gigabit-ethernet te-1/1/3 family ethernet-switching vlan members 20
admin@XorPlus#set interface gigabit-ethernet te-1/1/4 family ethernet-switching port-mode trunk
admin@XorPlus#set interface gigabit-ethernet te-1/1/4 family ethernet-switching vlan members 11
admin@XorPlus#set interface gigabit-ethernet te-1/1/4 family ethernet-switching vlan members 21
admin@XorPlus# set l3-interface vlan-interface vlan10 address 172.168.1.1 prefix-length 24
admin@XorPlus# set l3-interface vlan-interface vlan20 address 172.168.1.1 prefix-length 24
admin@XorPlus# set l3-interface vlan-interface vlan11 address 192.168.2.1 prefix-length 24
admin@XorPlus# set l3-interface vlan-interface vlan21 address 192.168.2.1 prefix-length 24
admin@XorPlus# set vlans vlan-id 10 l3-interface vlan10
admin@XorPlus# set vlans vlan-id 20 l3-interface vlan20
admin@XorPlus# set vlans vlan-id 11 l3-interface vlan11
admin@XorPlus# set vlans vlan-id 21 l3-interface vlan21

Step4         Bind the Layer 3 VLAN interface to the VRF.

admin@XorPlus# set l3-interface vlan-interface vlan10 vrf vrf1
admin@XorPlus# set l3-interface vlan-interface vlan11 vrf vrf1
admin@XorPlus# set l3-interface vlan-interface vlan20 vrf vrf2
admin@XorPlus# set l3-interface vlan-interface vlan21 vrf vrf2

Step5         (Optional) Configure a static route entry into the VRF, the destination network segment is 10.10 1.0/24, the next hop is 172.168.1.3.

admin@XorPlus# set protocols static vrf vrf1 route 10.10.1.0/24 next-hop 172.168.1.3
admin@XorPlus# set protocols static vrf vrf2 route 10.10.1.0/24 next-hop 172.168.1.3


Verify the Configuration

  • You can use the run show vrf command to view the binding information between VRFs and the Layer 3 VLAN interfaces.
admin@Xorplus# run show vrf
Vrf          Description       Interfaces
----------   ---------------   ---------------------
vrf1                              vlan10,vlan11
vrf2                              vlan20,vlan21
  • You can use the run show route vrf command to check the routing table information of the specific VRF.
admin@XorPlus# run show route vrf vrf1
show ip route vrf vrf1
=======================
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure
 
VRF vrf1:
S>* 10.10.1.0/24 [1/0] via 172.168.1.3, vlan10, weight 1, 00:00:45
C>* 172.168.1.0/24 is directly connected, vlan10, 00:04:43
C>* 192.168.2.0/24 is directly connected, vlan11, 00:04:45
 
admin@XorPlus# run show route vrf vrf2
show ip route vrf vrf2
=======================
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure
 
VRF vrf2:
S>* 10.10.1.0/24 [1/0] via 172.168.1.3, vlan20, weight 1, 00:00:59
C>* 172.168.1.0/24 is directly connected, vlan20, 00:04:56
C>* 192.168.2.0/24 is directly connected, vlan21, 00:04:59

  • You can use the run show route forward-route command to check the hardware route forwarding table information of the specific VRF.

admin@XorPlus# run show route vrf vrf1 forward-route ipv4 all
Destination          NextHopMac          Port   
---------------      -----------------   ---------
192.168.2.0/24       CC:37:AB:BE:0E:D1   connected
172.168.1.0/24       CC:37:AB:BE:0E:D1   connected
10.10.1.0/24         04:7D:7B:62:93:FF   te-1/1/3


Copyright © 2024 Pica8 Inc. All Rights Reserved.