58
Virtual Routing and Forwarding (VRF)
Virtual Routing and Forwarding (VRF) allows a physical router to partition itself into multiple Virtual
Routers (VRs). The control and data plane are isolated in each VR so that traffic does NOT flow across
VRs.Virtual Routing and Forwarding (VRF) allows multiple instances of a routing table to co-exist within
the same router at the same time.
VRF Overview
VRF improves functionality by allowing network paths to be segmented without using multiple devices.
Using VRF also increases network security and can eliminate the need for encryption and authentication
due to traffic segmentation.
Internet service providers (ISPs) often take advantage of VRF to create separate virtual private networks
(VPNs) for customers; VRF is also referred to as VPN routing and forwarding.
VRF acts like a logical router; while a physical router may include many routing tables, a VRF instance
uses only a single routing table. VRF uses a forwarding table that designates the next hop for each data
packet, a list of devices that may be called upon to forward the packet, and a set of rules and routing
protocols that govern how the packet is forwarded. These VRF forwarding tables prevent traffic from
being forwarded outside a specific VRF path and also keep out traffic that should remain outside the VRF
path.
VRF uses interfaces to distinguish routes for different VRF instances. Interfaces in a VRF can be either
physical (Ethernet port or port channel) or logical (VLANs). You can configure identical or overlapping IP
subnets on different interfaces if each interface belongs to a different VRF instance.
Virtual Routing and Forwarding (VRF)
921