The VPN - virtual private networks offer the most secure way for the users to share the bandwidth over the ISP backbone network. The VAN is the collection of the sites sharing the common routing tables. A user site connects with the network of the service provider's by one or more interfaces and the provider associates every interface with the VPN routing table. The VPN routing table is also called as the VPN routing/forwarding which is known as VRF table. In the below session, let us see how to configure and verify the VRF lite. Additionally, the manual and auto summarization with any routing protocol is explained clearly.
The VRF is the virtual routing and forwarding table. It is the way to make the multiple routing tables which are solidly separate from one another. There are 2 types of VRF available such as a VRF and VRF lite. The VRF is commonly associated with the MPLS service providers. In such type of networks, the MPLS encapsulations are used to isolate the individual 's traffic and the independent VRF (routing table) is maintained for the every user. Moreover, the MP-BGP is well employed to facilitate the complex schemes of redistribution to import as well as an export route to and from the VRF to offer internet connectivity.
Even though, the VRF configuration is not all dependent on the MPLS. In the Cisco terminology, the deployment of the VRF without the MPLS is called as VRF lite. The VRF lite configuration does not require the route target part. Routing VRF lite can be done by dynamic or static under its VRF instance. The VRF lite allows multiple secure user routing domain to co-exist in the one physical device simultaneously that means remains completely isolated from each other. It is the logical way of segregating the network traffic.
When the route is added to the router, all the connected networks may able to communicate with a new network or prefix unless it is topped by tools like ACL. The new interface or network displays up the new route in the routing table. For the different forwarding decision based on the incoming or outgoing interface, it will be possible by having the separate routing table, simply like a separation of the Ethernet networks by VLAN. The VRF lite interfaces should be layer 3 interfaces and it includes devices such as customer edge, provider edge and provider routers.
The CE - customer edge devices give customer access to a network of service provider over the data link to 1 or more PE routers. The customer edge device advertise the local routes of the sites to a PE router and also learns a virtual private network from that. The catalyst 4500 series type switch will be the CE.
The PE- provider edge routers will exchange the routing information with customer edge devices with the help of the a routing protocol, or a static routing such as RIPv1, RIPv2 and BGP. The provider edge is only needed to maintain the VPN paths for those VPN to which that is attached directly, eliminating the requirement for the provider edge to maintain the entire VPN routes of the service provider. Every PE router will maintain the VRF for its every directly connected site. The multiple interfaces on the PE router will be associated with the single VRF, suppose the whole sites took part in the same virtual private network. Each of the VPN is mapped to the particular VRF. After knowing the local VPN routes from customer edge, the provider edge router exchanges the VPN routing information to the other routers of PE with the help of internal BGP.
The provider routers are also known as the core routers. Provider routers are any routers in a network of service provider which do not attach to the CE devices. The IP addresses, ranges in the 1 VLAn used in the 1 VRF domain may simultaneously can be used in the other VLAN in the different VRF domains within a same device. When the VRF lite segregates the traffic from a different clients or customers, then the VRF lite can allow for the route leakage between a VRF domain with the help of the static inter VRF routes or/and dynamic route leakage through BGP and also the associated route maps. It offers filtered access from the 1 VRF routing domain to the other where an IP address ranges without overlap. The VRF lite allows a reuse of the P addresses on a same physical device.
A VRF lite feature needs the special software licenses. Without any proper license, configuring the VRF is not all possible. Its license key is the one which distributed in an advanced layer 3 license bundle which allows up to the 8 VRF lite instances has to be configured.the configurable VRF lite instances may also be increased through the additional VRF lite license. It needs the advanced layer 3 license bundles to work.
The main purpose of the VRF is to enable the separate IP networks, by using the overlapping of IP address to share the same routers and links. The IP traffic is very constrained to the set of separate internet protocol VPN. This VPN will offer the most secure way for the service providers carry the multiple user's IP networks over the common infrastructure. The various user's IP networks can able to run in the complete isolation from one another, hence there is no need for it to use the separate IP address range. In the VRF lite, there are multiple networks which share the same routers, but no MPLS core is involved in it. Follow the steps to configure the VRF lite:
Define a VRF instance with the help of ip vrf name
Give an appropriate rd value rd nn:nn
If BGP is used, then add the route targets {export/import} nn:nn
Add the interface with the VRF with the help of the command ip vrf forwarding name.
The above configuration is the sample one of creating the VRF lite, the various routing protocols have the different syntax as well as different ways to create it for respective VRF.
In a simple router to the router connected as shown in the above diagram, then the below code are used:
R1
R2:
Although it is recommended to use the rd command, the configuration can be done without rd also. It is the straightforward and simple configuration as well.
Summarization enables the given routing protocols to reduce the IP routing table by taking the steps to advertise the lesser or smaller IP route destination for the large set of networks or subnets. The IP routing entries will consume the bandwidth of the expensive links in between the various geographical locations, then take the CPU cycle on the routers and need a memory.
To provide the network designer the ability to handle larger networks, the summarization is essential for reducing or limiting the IP routing tables. The very important considerations to make while summarizing any IP address space is mainly to ensure the hierarchical design. The summarization can be done by using the ODPF, RIP, or EIGRP. The summarization has a huge range of benefits such as, it reduces the routing table sizes, simplifies the routing algorithm recalculation when the changes occur, allows for the network growth, decreases the needs for the CPU and memory usage on the routers very significantly. The EIGRP has the ability to create the summary routes at an attribute boundaries with the help of the manual summarization. The manual summarization can also be applied anywhere in the EIGRP domain, on each router, on each interface.the summary route can exist in the routing table very long as possible at least 1 more particular route will exist.
By default, the EIGRP has the both manual and auto summary enabled features. In the below sections, let us see the 2 ways:
The EIGRP performs the auto summarization every time it crosses the border between the 2 different important networks. The EIGRP automatically summarizes the networks at a classful boundary.
By default, the EIGRP performs the autosummarization in the 2 situations such as:
Autosummarization can occur at the important class boundary while the path is advertised out the interface which is on the different important class boundary. The summarization will be disabled with a command of no auto summary from the router prompt.
The autosummarization can occur at the important class boundary when distribution the EIGRP into the classful routing protocol, including RIP or IGRP.
EIRGP auto summarization:
In the below figure, router-2 advertises only network - 10.0.0.0/8 to router1, because an interface router2 uses to reach the router1 is in the different important network.
On R1 router:
The route 1 is not marked as the summary route in any form, it resembles like the internal route. Then the metric is the better from among a summarized route. Here, the minimum bandwidth for the route is 256k, however there are links in the network of 10.0.0.0 that has the 56k bandwidth.
While the router is summarizing, the route is built to the null0 for a summarized address as:
The path to the 10.0.0.0/8 is noted as the summary via null0. A topology table entry for the summary route like:
To make the router2 advertise 10.0.0.0 network components rather than the summary, then configure the no auto summary of router2 EIGRP process.
On router2:
With the auto summary is turned off, the router1 sees the entire components of 10.0.0.0 network:
It is true that when the router is configured for the automatic summarization by providing the auto summary command under a routing protocol configuration mode.
Manual summarization:
The EIGRP can be configured to summarize the rotes, whether or not the automatic summarization is enabled. It is because the EIGRP is the classless routing protocol and also includes the subnet mask in the routing updates, the manual summarization also includes the supernet routes. It is important to remember that the supernet is the aggregation of the multiple major classful network addresses.
EIGRP manual summarization:
The EIGRP allows to summarize the external and internal routes on the virtually any of the bit boundary with the help of the manual summarization. The manual summarization of the EIGRP us critical to the large EIGRP networks.
This summarization will not be disabled. In the below figure, router2 is summarizing the 192.1.2.0/24, 192.1.3.0/24 and 192.1.1.0/24 in to the 192.1.0.0/22 CIDR block.
R2 configuration:
R1 configuration:
The most powerful function of the EIGRP is the capacity to advertise the multiple summary routes as well as the default routes on the various interfaces. The most valuable advantage of the EIGRP over the other routing protocol like OSPF is that the manual summarization can also be done on the any router within the network. The single route can also be used to represent the multiple routes that reduce the routing table size in the network. The manual summarization is configured on the per interface basis.
It is important to know that the EIGRP summarizes the networks at a classful boundary. So that the poorly proposed network with the discontinuous subnets may have issue with the connectivity feature is left on.
Verifying the EIGRP:
The VRF lite is merely used for isolating the customer network. It is the lie version of the VRF. This virtual routing and forwarding table to separate the multiple routing tables. It is the most easiest way to perform this task. In the same way, the manual and auto summarization of the routing protocols plays an important role in the summaries of the larger networks especially. But the summarization is explained clearly with the configuration examples. The auto summarization is used to keep the routing tables as clean as possible, by automatically summarizing at the classful boundaries. The manual summarization needs someone to perform in and provide it some though, and also forces all to operate as classless at the same time. Additionally, EIGRP configuration is verified for reference.
Site Search:
SPECIAL OFFER: GET 10% OFF
Pass your Exam with ExamCollection's PREMIUM files!
SPECIAL OFFER: GET 10% OFF
Use Discount Code:
MIN10OFF
A confirmation link was sent to your e-mail.
Please check your mailbox for a message from support@examcollection.com and follow the directions.
Download Free Demo of VCE Exam Simulator
Experience Avanset VCE Exam Simulator for yourself.
Simply submit your e-mail address below to get started with our interactive software demo of your free trial.