Cisco VRF Lite Configuration

VRF (Virtual Routing Forwarding) is a tool that enables service providers to support customers with VPNs that have overlapping IP addresses. Usually this tool is part of bigger MPLS and MP-BGP setups and configured on a PE (provider’s edge) router facing a CE (costumer’s edge). VRF can also be used as a sort of VLAN to separate overlapping IPs on a router with no MPLS configured.

In this blog post I will demonstrate how to configure VRF lite in order to separate networks with overlapping IPs.

In the following topology there are three identical networks with the same IP address. Without the use of VRF lite, those networks cannot function. We will use VRF lite to separate those networks.

VRF Lite configuration VRF Lite configuration

These are the steps for VRF lite configuration:

  • Create and name VRFs.

ip vrf VRF1 ip vrf VRF2 ip vrf VRF3

  • Attached VRFs to desired interfaces.

interface FastEthernet0/0 ip vrf forwarding VRF1 ip address 10.0.0.1 255.255.255.0 no shut !

interface FastEthernet1/0 ip vrf forwarding VRF2 ip address 10.0.0.1 255.255.255.0 no shut !

interface FastEthernet2/0 ip vrf forwarding VRF3 ip address 10.0.0.1 255.255.255.0 no shut !

  • Apply routing to specific VRF.

router ospf 1 vrf VRF1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 !

router ospf 2 vrf VRF2 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 !

router ospf 3 vrf VRF1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 !

And you’re done! Now you can use a single router to separate networks with overlapping IPs.