Got it

What is vpn-instance on AR and NE routers?

Latest reply: Dec 12, 2021 19:38:20 2732 12 7 0 3

Hi there, everybody!


This post explains what is vpn-instance on AR and NE routers. Please see more details as you read below.


BACKGROUND INFORMATION


As we know, in MPLS network quite a few users which is called CE(customer edge) access to ISP which is called PE(provider edge), here is the problem, if each CE access to the PE with the physical interface, patently, there wouldn't be enough interfaces on PE. Some guys maybe say this problem could be solved by using sub-interface, yes, sub-interface could solve this problem, but there is another problem that we can't ignore, the problem is how to distinguish the routes for the different users. Here we put the vrf also called vpn-instance forward.

 

On wiki VRF is described as: In IP-based computer networks, virtual routing and forwarding (VRF) is a technology that allows multiple instances of a routing table to co-exist within the same router at the same time. Because the routing instances are independent, the same or overlapping IP addresses can be used without conflicting with each other. Network functionality is improved because network paths can be segmented without requiring multiple routers. It seems hard to understand.

 

In fact, we can regard VRF as virtual router, just like divide the physical router into a lot of virtual routers, each virtual router represents a vrf. just as the picture below shows:

 

140850od3x09n7ylzlknkx.png


ROUTE PROTOCOLS

 

Let's talk about the route protocols implemented on the router which has enabled the vpn-instance.


It's known that more than one OSPF process and only one BGP process can be implemented on the router simultaneously. If we enable one OSPF process on the router and import the routes which belong to the vpn-instance, will it success? In fact, this is invalid. We should enable OSPF process for each vpn-instance, and routing-table for each OSPF process are independent. The same action should be performed for other route protocols, but not for the BGP. Actually, we can only enable one BGP process on a router, so the BGP on the router will contain all of the routes comes from the vpn-instance. In this secnario, it feels like the figure below:

 

140908so92xrrdk9rpdrap.png


This would be all on what is vpn-instance on AR and NE routers. Thanks for reading this post!

Very good. Where can apreciated your papper.
View more
  • x
  • convention:

Posted by lucian2003 at 2019-03-21 21:58 Very good. Where can apreciated your papper.
@lucian2003 it's pleasure to be helpful, if you like this, you can hit helpful. and you can recommend this post and the forum to your workmates.
Hope you enjoy this technical journey! What is vpn-instance on AR and NE routers?-2898023-1
View more
  • x
  • convention:

Thanks for this information. I was looking for a clear description of the topic and I found it here. Regards.
View more
  • x
  • convention:

vpn-instance is vrf
View more
  • x
  • convention:

chenhui
chenhui Created Nov 11, 2021 05:52:03 (0) (0)
Indeed.  
Good share thanks
View more
  • x
  • convention:

chenhui
chenhui Created Nov 11, 2021 05:51:18 (0) (0)
Thank you @Unicef  
Unicef
Unicef Reply chenhui  Created Nov 11, 2021 05:53:48 (0) (0)
 
hemin88
Moderator Author Created Nov 12, 2021 10:16:38

VPN instance very well explained, thanks for sharing this here
View more
  • x
  • convention:

chenhui
chenhui Created Nov 16, 2021 00:42:13 (0) (0)
Thanks for your support!  
AL_93
Moderator Created Nov 15, 2021 09:22:34

Thanks for sharing this post..
View more
  • x
  • convention:

Good share! Keep up the excellent work!
View more
  • x
  • convention:

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.