CHAPTER
26-1
Software Configuration Guide—Release 12.2(25)SG
OL-7659-03
26
Configuring VRF-lite
Virtual Private Networks (VPNs) provide a secure way for customers to share bandwidth over an ISP
backbone network. A VPN is a collection of sites sharing a common routing table. A customer site is
connected to the service provider network by one or more interfaces, and the service provider associates
each interface with a VPN routing table. A VPN routing table is called a VPN routing/forwarding (VRF)
table.
With the VRF-lite feature, the Catalyst 4500 series switch supports multiple VPN routing/forwarding
instances in customer edge devices. (VRF-lite is also termed multi-VRF CE, or multi-VRF Customer
Edge Device). VRF-lite allows a service provider to support two or more VPNs with overlapping IP
addresses using one interface.
Note The switch does not use Multiprotocol Label Switching (MPLS) to support VPNs. For information about
MPLS VRF, refer to the Cisco IOS Switching Services Configuration Guide for Release 12.3 at:
http://www.cisco.com/univerd/cc/td/doc/product/software/ios123/123cgcr/swit_vcg.htm
This chapter includes these topics:
Understanding VRF-lite, page 26-2
Default VRF-lite Configuration, page 26-3
VRF-lite Configuration Guidelines, page 26-4
Configuring VRFs, page 26-5
Configuring a VPN Routing Session, page 26-5
Configuring BGP PE to CE Routing Sessions, page 26-6
VRF-lite Configuration Example, page 26-7
Displaying VRF-lite Status, page 26-11
Note For complete syntax and usage information for the switch commands used in this chapter, refer to the
Catalyst 4500 Series Switch Cisco IOS Command Reference and related publications at
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/index.htm.