Solved: Re: VRF and ARP table memory utilization

Rafael Carvallo · ‎06-07-2019

Hi Community,

Recently I've been involved in a proyect that requires the usage of VRF and MP-BGP.

Here's my doubt:

SWITCH_A has two VRF (Red and Blue), those VRFs have assigned the VLANS 100 and 200 respectively
VLAN 100 subnet is 192.168.100.0/24, VLAN 200 subnet is 192.168.200.0/24
Via MP-BGP VRF Red learns VRF Blue locally attached subnets (and viceversa)
- They learn other VRF subnets but I don't need we should consider that now for this question
So VRF Red has two routes:
- 192.168.100.0/24 (locally connected)
- 192.168.200.0/24 (also locally connected but via VRF Blue)
VRF Blue has also the same two routers but 192.168.200.0/24 is local and 192.168.100.0/24 is also local but via VRF Red

Each VRF has its own ARP table, or so it seems by the fact that I have to query the ARP table specifying the VRF

So here's my question, does this mean, that the switch will use 2x the memory resources for the ARP table? in short, by doing this, each ARP entry will require 2 memory "slots"? say 192.168.100.100, this IP is on VLAN 100 on VRF Red, ok there's an ARP entry there for it. But it's also an ARP entry on VRF Blue, If my hypothetical switch has only 10 memory slots for ARP entries, by doing this I've consumed already 2 (remaining 8, so in "reality" I could only have 5 ARP records).

Is this the case? or the switches only store a reference to the ARP table of the other VRF to save memory?

Thank you in advance for the replies.

Giuseppe Larosa · ‎06-07-2019

Hello Rafael,

it is true that each VRF has its own VRF table, but your network scenario will not lead to double usage of ARP tables.

The ARP table is used only for directly connected devices that are in the locally attached Vlan/subnet.

The IP addresses coming from the other VRF will not be seen as Connected.

You can check this with show ip route vrf Red

and

show ip route vrf Blue

in show ip route vrf RED you should see:

a Connected network of 192.168.100.0/24 -> this will lead to ARP resolution in vrf RED

a L network for the specific address of the switch in Vlan 100 = SVI interface vlan 100

a BGP network B with admin distance 200 (coming from iBGP) for the network imported from the other VRf

something like

B [ 200/0] 192.168.200.0/24 via

So hosts in network 192.168.200./24 do not need an ARP entry in vrf RED ARP table as they are not directly connected.

The same happens in vrf Blue that should see

192.168.200/24 as connected --> this leads to ARP usage

L 192.168.220.1 for SVI Vlan 200

B 192.168.100.0/24 ! imported route from vrf RED does not need ARP entries in vrf Blue ARP table

Hope to help

Giuseppe

View solution in original post

Giuseppe Larosa · ‎06-07-2019