VRF (virtual routing and forwarding)
Virtual Routing and Forwarding (VRF) is a technology that
allows multiple instances of a routing table to coexist within the same router
simultaneously. This enables network paths to be segmented without using
multiple devices. VRF keeps customer traffic and routing separate and
utilizes the same hardware. Without VRF, we need to use ACL filtering to keep
traffic segregated.
Each VRF has three main components, as follows:
- An IP routing table (RIB)
- A CEF FIB, populated based on that VRF's RIB
- A separate instance or process of the routing protocol used to exchange routes with the CEs that need to be supported by the VRF
Key Concepts of VRF
- Routing Isolation: Each VRF maintains its own separate routing table
- Forwarding Isolation: Traffic from one VRF cannot leak into another VRF
- Interface Assignment: Network interfaces are assigned to specific VRFs
RD (Route-Distinguisher)
A Route Distinguisher (RD) is a BGP attribute used
in MPLS VPNs (RFC 4364) to make overlapping IPv4 addresses unique
across different VPNs. It prepends a unique identifier to customer routes,
allowing them to be distinguished in the provider's backbone.
RD is a 64-bit (8-byte) prefix prepended to a client's non-unique
32-bit IPv4 address to convert it into a unique 96-bit VPNv4 address, which
enables transport between PE routers. An RD uniquely identifies a route (IP
prefix); it does NOT identify a VPN. RD is locally significant to a
router. Without an RD, MPLS VPNs cannot distinguish between duplicate
customer routes.
- A VRF is not operational unless you configure an RD.
- The RD appears in ASN:nn or ABC:nn format.
- Each VRF in a PE router must have a unique RD.
RT (Route-Target)
A Route Target (RT) is a BGP extended
community attribute used in MPLS VPNs to control how routes are
imported and exported between VRFs (Virtual Routing and Forwarding instances).
RT is a 64-bit extended BGP community that is attached to a VPNv4 BGP route to
indicate its VPN membership. Any number of RTs can be attached to a single
route.
How Does It Work?
Export RTs
- Identify the VPN membership to which the associated VRF belongs.
- Export RTs are attached to a client's route when it is converted into a VPNv4 route.
Import RTs
- Import RTs are used to select which VPNv4 routes are to be inserted into which VRF tables.
- On the receiving PE router, a route is imported into a VRF only if at least one RT attached to the route matches at least one import RT configured in that VRF.
Routing Instance:
- Each VRF instance acts as a virtual router, with its own routing table and forwarding mechanism.
Interface Isolation:
- VRF interfaces are isolated, meaning they can have the same IP address or other configurations without conflict, according to PyNet Labs and Cisco.
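The RD prepending and the import RT matching rule described above, as an added example that is not from the original post. It builds the 96-bit VPNv4 address for an overlapping customer prefix and audits which VRFs would import routes exported by another VRF, which is where isolation breaks when an import RT is misconfigured. The VRF names, RD and RT values, and function names are constructed for illustration, and the RD encoding assumes the ASN:nn form with a 2-byte ASN.

```python
import ipaddress
import struct

# Constructed sample PE configuration (names and values are assumptions).
VRFS = {
    "CUST_A": {"rd": "65000:1", "import": {"65000:100"}, "export": {"65000:100"}},
    "CUST_B": {"rd": "65000:2", "import": {"65000:200"}, "export": {"65000:200"}},
    # Misconfiguration: MGMT also imports CUST_A's export RT.
    "MGMT": {"rd": "65000:9", "import": {"65000:900", "65000:100"},
             "export": {"65000:900"}},
}

def vpnv4_address(rd, ipv4):
    """Prepend a 64-bit RD (type 0, ASN:nn) to a 32-bit IPv4 address."""
    asn, nn = (int(part) for part in rd.split(":"))
    rd_bytes = struct.pack("!HHI", 0, asn, nn)  # 2-byte type, 2-byte ASN, 4-byte number
    return rd_bytes + ipaddress.IPv4Address(ipv4).packed  # 8 + 4 = 12 bytes

def importing_vrfs(route_rts, vrfs):
    """VRFs that accept a route: at least one attached RT matches an import RT."""
    return sorted(name for name, cfg in vrfs.items()
                  if set(route_rts) & cfg["import"])

def cross_vrf_imports(vrfs):
    """For each VRF, list the other VRFs whose exported routes it would import."""
    return {
        name: sorted(other for other, ocfg in vrfs.items()
                     if other != name and ocfg["export"] & cfg["import"])
        for name, cfg in vrfs.items()
    }

if __name__ == "__main__":
    # Same customer prefix in two VRFs stays distinct once the RD is prepended.
    a = vpnv4_address(VRFS["CUST_A"]["rd"], "10.0.0.0")
    b = vpnv4_address(VRFS["CUST_B"]["rd"], "10.0.0.0")
    print(a.hex(), b.hex(), "distinct:", a != b)
    # Which VRFs install a route carrying CUST_A's export RTs.
    print(importing_vrfs(VRFS["CUST_A"]["export"], VRFS))
    # Audit: any non-empty list is a cross-VRF import to review.
    for vrf, sources in cross_vrf_imports(VRFS).items():
        print(vrf, "imports routes from", sources or "no other VRF")
```
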