VRF-lite Feature Overview and Configuration Guide

VRF-lite is VRF without the need to run MPLS in the network. VRF-lite is used for isolating customer networks - it allows multiple secure customer routing domains to co-exist in one physical device simultaneously, which remain completely isolated from each other.

The VRF-lite on AlliedWare Plus Switches guide describes key features and the generic commands used to configure VRF-lite. There are a number of simple configuration examples provided to illustrate its use with OSPF, RIP, and BGP routing protocols. This is followed with a configuration breakdown of a complex inter-VRF scenario, which includes overlapping IP addresses and a range of routing protocols. It includes an explanation of dynamic inter-VRF communication between the global VRF domain and a VRF instance and diagnostics information for troubleshooting VRF-related issues.

The VRF-lite on AR-Series Firewalls guide provides examples showing how to configure:

  • VRF-lite in a device with firewall protection,
  • VRF-lite over a Virtual Tunnel Interface with or without firewall and NAT protection,
  • multiple VRF-instances over an IPsec VPN using Ethernet pseudowires (unmanaged L2TPv3 tunnels), and
  • VRF instances between a central site and multiple remote sites.

These examples are followed by information about static inter-VRF routing, VRF-aware DNS Relay, VRF-aware static ARP, and VRF diagnostics.

AlliedWare Plus

VRF-lite on AlliedWare Plus Switches Feature Overview and Configuration Guide (Rev I)(2.07 MB)
VRF-lite on AR-Series Firewalls Feature Overview and Configuration Guide (Rev D)(1.12 MB)