cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2925
Views
17
Helpful
4
Replies

Why aren't VRFs defined under VPNv4 address family?

Venison Mogambi
Level 1
Level 1

I've been working on an MPLS/VRF lab and I'm a bit confused by MP-BGP address families. When I configured the PE to P routing (within the MPLS core), the BGP neighbors are configured under the VPNv4 address family, like this:

  address-family vpnv4
  neighbor 10.250.4.1 activate
  neighbor 10.250.4.1 send-community extended

Now I understand that the VPNv4 address-family is necessary because it tells MP-BGP to include RD/RT info with the advertised prefixes. But when I configure my VRFs in MP-BGP, you can only create them in an IPv4 address family (or IPv6, I suppose). Since the VPNv4 AF's purpose is to include RD/RT info, and a VRF is basically defined by its RD/RT info, shouldn't individual VRFs be configured in the VPNv4 AF? Or is VPNv4 a "special" AF that only exists to share prefixes between P router in the MPLS core?

I guess I"m not really clear on the distinction between the IPv4 and VPNv4 address families.

 

 

 

1 Accepted Solution

Accepted Solutions

Jon Marshall
Hall of Fame
Hall of Fame

Each PE router connects to multiple CE devices and receives IPv4 routes from these CEs. The CEs will be from multiple customers and the PE device needs to keep these routes separate so it uses VRFs to achieve this.

But the routes being exchanged between the CE and PE devices are still just IPv4 routes, nothing special, so you configure the peering under an IPv4 address family for that VRF.

Obviously to provide reachability between the customer networks PEs need to exchange these routes between each other. But together with the actual routes they also need to advertise additional information ie. the RD, RT and VPN labels.

The RD is prepended to the IPv4 route to make it unique as well as the RT being included as an extended community and so the routes are no longer normal IPv4 routes, they are now VPNv4 routes and this is why you configure the peering between PEs under a VPNv4 address family.

It's really the difference between the routes you are advertising and to which devices ie. CEs or other PEs.

Note VPNv4 routes are only exchanged between PE routers because only the PE routers need to know about the customer networks.

Jon

View solution in original post

4 Replies 4

Jon Marshall
Hall of Fame
Hall of Fame

Each PE router connects to multiple CE devices and receives IPv4 routes from these CEs. The CEs will be from multiple customers and the PE device needs to keep these routes separate so it uses VRFs to achieve this.

But the routes being exchanged between the CE and PE devices are still just IPv4 routes, nothing special, so you configure the peering under an IPv4 address family for that VRF.

Obviously to provide reachability between the customer networks PEs need to exchange these routes between each other. But together with the actual routes they also need to advertise additional information ie. the RD, RT and VPN labels.

The RD is prepended to the IPv4 route to make it unique as well as the RT being included as an extended community and so the routes are no longer normal IPv4 routes, they are now VPNv4 routes and this is why you configure the peering between PEs under a VPNv4 address family.

It's really the difference between the routes you are advertising and to which devices ie. CEs or other PEs.

Note VPNv4 routes are only exchanged between PE routers because only the PE routers need to know about the customer networks.

Jon

Thanks for helping me understand a question that puzzled me for five years!

Thanks for sharing your experiences. 

Venison Mogambi
Level 1
Level 1

Thanks for the explanation! That certainly makes sense, the way you've described it.