VRF-Lite

A VRF is a Virtual Routing and Fowarding table. 

VRF-lite is normally VRF without MPLS.

VRF-lite is a feature that enables a service provider to support two or more VPNs, where IP addresses can be overlapped among the VPNs. VRF-lite uses input interfaces to distinguish routes for different VPNs and forms virtual packet-forwarding tables by associating one or more Layer 3 interfaces with each VRF. Interfaces in a VRF can be either physical, such as Ethernet ports, or logical, such as VLAN SVIs, but a Layer 3 interface cannot belong to more than one VRF at any time.
VRF 'UP' and 'DOWN' are configured on ISP router

Initial configuration
UP-LEFT and UP-RIGHT will use EIGRP 1
DOWN-LEFT and DOWN-RIGHT will use OSPF 1
"ISP"  router will use VRFs to separate RIBs for UP and DOWN networks.

UP-LEFT
!
interface Loopback1
 ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 10.0.1.2 255.255.255.0
!
router eigrp 1
 network 1.0.0.0
 network 10.0.0.0
 no auto-summary
 eigrp router-id 1.1.1.1
!
UP-RIGHT
!
interface Loopback1
 ip address 2.2.2.2 255.255.255.0
!
interface FastEthernet0/0
 ip address 10.0.2.2 255.255.255.0
!
router eigrp 1
 network 2.0.0.0
 network 10.0.0.0
 no auto-summary
 eigrp router-id 2.2.2.2
!
DOWN-LEFT
!
interface Loopback1
 ip address 3.3.3.3 255.255.255.0
!
interface FastEthernet0/0
 ip address 10.0.3.2 255.255.255.0
!
router ospf 1
 router-id 3.3.3.3
 log-adjacency-changes
 network 3.3.3.0 0.0.0.255 area 0
 network 10.0.0.0 0.255.255.255 area 0
!
DOWN-RIGHT
!
interface Loopback1
 ip address 4.4.4.4 255.255.255.0
!
interface FastEthernet0/0
 ip address 10.0.4.2 255.255.255.0
 duplex auto
 speed auto
!
router ospf 1
 router-id 4.4.4.4
 log-adjacency-changes
 network 4.4.4.0 0.0.0.255 area 0
 network 10.0.0.0 0.255.255.255 area 0
!

ISP
1) Create and define VRFs
 - VRF name and RD is locally significant.

BGP/MPLS IP VPNs  - http://tools.ietf.org/html/rfc4364

Route Distinguisher
 - A RD is the most basic requirement to activate the VRF and create the VRF tables.
 - Route Distinguisher (RD) - is simply a number, and it does not contain any inherent information; it does not identify the origin of the route or the set of VPNs to which the route is to be distributed.
-  A VPN-IPv4 address is a 12-byte quantity, beginning with an 8-byte (64bits) Route Distinguisher (RD) and ending with a 4-byte(32 bits) IPv4 address. 
 - A RD identifier is  prepended to a IPv4 address which turns a non-unique IPv4 prefix  into a unique 96-bit VPNv4 prefix.
ISP(config-vrf)#rd ?
  ASN:nn or IP-address:nn  VPN Route Distinguisher

Route Target
 - What counts is what you import and export. Importing and exporting route targets use the same syntax as the RD and it is ASN:NN as shown by the example below.
 - A RT or route-target  on the other hand is a BGP extended community which gets attached when a prefix is exported from the VRF RIB table into the VRF-aware BGP table to identify VPN membership. The confusing part is that the RT import/export function in Cisco IOS is defined under the VRF configuration section and not under the BGP section. Thus to use RTs BGP is required. This means without BGP enabled on Router1, the RT import/export would yield no result.
 - By definition the routes that you "export" are only the routes you advertise on the vrf address family in BGP. 
 - The BGP process is required for the creation of the VRF-aware BGP tables.
 - BGP neighbors are not necessary.
 - Lastly since BGP is used the BGP next-hop must be reachable, else the imported routes will not be considered for route-selection.
ISP(config-vrf)#route-target ?
  ASN:nn or IP-address:nn  Target VPN Extended Community
  both                     Both import and export Target-VPN community
  export                   Export Target-VPN community
  import                   Import Target-VPN community
route-target export = redistribute from VRF RIB to VRF BGP.
    (Exported route is now a VPNv4 route in MP-BGP and the RT is included as an extended BGP community.)
route-target import = redistribute from another VRF BGP to current (selected) VRF BGP.



ISP#
!
ip vrf UP
 rd 123:1
 route-target export 123:1
 route-target import 123:99
!
ip vrf DOWN
 rd 123:2
 route-target export 123:2       <- export routes from VRF DOWN's RIB to BGP-VRF-DOWN
 route-target import 123:99    <- import routes from VRF-ALL's RIB to this VRF
!
ip vrf ALL
 rd 123:99
 route-target export 123:99
 route-target import 123:1
 route-target import 123:2
!
2) Set IP on interfaces according to VRF
!
interface Loopback99
 ip vrf forwarding ALL
 ip address 99.99.99.99 255.255.255.0
!
interface FastEthernet0/0
 ip vrf forwarding UP
 ip address 10.0.1.1 255.255.255.0
!
interface FastEthernet0/1
 ip vrf forwarding DOWN
 ip address 10.0.3.1 255.255.255.0
!
interface FastEthernet1/0
 ip vrf forwarding UP
 ip address 10.0.2.1 255.255.255.0
!
interface FastEthernet1/1
 ip vrf forwarding DOWN
 ip address 10.0.4.1 255.255.255.0
!
3) Configure routing protocols in specific VRF's
!
router eigrp 1
 auto-summary
 !
 address-family ipv4 vrf UP
  network 10.0.0.0
  network 99.0.0.0
  no auto-summary
  autonomous-system 1
 exit-address-family
!
router ospf 1 vrf DOWN
 router-id 5.5.5.5
 log-adjacency-changes
 redistribute bgp 1 subnets
 network 10.0.0.0 0.255.255.255 area 0
 network 99.99.99.0 0.0.0.255 area 0
!
4) Configure BGP to make possible VRF iport/export process to work
!
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 bgp redistribute-internal
 no auto-summary
 !
 address-family ipv4 vrf UP
  redistribute connected
  redistribute eigrp 1 metric 99
  no synchronization
  bgp redistribute-internal
 exit-address-family
 !
 address-family ipv4 vrf DOWN
  redistribute connected
  redistribute ospf 1 vrf DOWN metric 110
  no synchronization
  bgp redistribute-internal
 exit-address-family
 !
 address-family ipv4 vrf ALL
  redistribute connected
  no synchronization
  bgp redistribute-internal
 exit-address-family
!
5) Verification
UP-LEFT#sh ip route | be Gatewa
Gateway of last resort is not set

     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback1
     2.0.0.0/24 is subnetted, 1 subnets
D       2.2.2.0 [90/158720] via 10.0.1.1, 2d21h, FastEthernet0/0
     10.0.0.0/24 is subnetted, 2 subnets
D       10.0.2.0 [90/30720] via 10.0.1.1, 2d21h, FastEthernet0/0

C       10.0.1.0 is directly connected, FastEthernet0/0
UP-LEFT#
DOWN-LEFT#sh ip route | be Gatewa
Gateway of last resort is not set

     3.0.0.0/24 is subnetted, 1 subnets
C       3.3.3.0 is directly connected, Loopback1
     4.0.0.0/32 is subnetted, 1 subnets
O       4.4.4.4 [110/3] via 10.0.3.1, 2d21h, FastEthernet0/0

     10.0.0.0/24 is subnetted, 2 subnets
C       10.0.3.0 is directly connected, FastEthernet0/0
O       10.0.4.0 [110/2] via 10.0.3.1, 2d21h, FastEthernet0/0
DOWN-LEFT#

ISP# sh ip route | beg Gate
Gateway of last resort is not set
ISP#

ISP# sh ip route vrf UP | b Gate
Gateway of last resort is not set
     1.0.0.0/24 is subnetted, 1 subnets
D       1.1.1.0 [90/156160] via 10.0.1.2, 2d21h, FastEthernet0/0
     2.0.0.0/24 is subnetted, 1 subnets
D       2.2.2.0 [90/156160] via 10.0.2.2, 2d21h, FastEthernet1/0
     99.0.0.0/24 is subnetted, 1 subnets
B       99.99.99.0 is directly connected, 2d21h, Loopback99
     10.0.0.0/24 is subnetted, 2 subnets
C       10.0.2.0 is directly connected, FastEthernet1/0
C       10.0.1.0 is directly connected, FastEthernet0/0
ISP#

ISP# sh ip route vrf DOWN  | b Gate
Gateway of last resort is not set
     3.0.0.0/32 is subnetted, 1 subnets
O       3.3.3.3 [110/2] via 10.0.3.2, 2d21h, FastEthernet0/1
     4.0.0.0/32 is subnetted, 1 subnets
O       4.4.4.4 [110/2] via 10.0.4.2, 2d21h, FastEthernet1/1
     99.0.0.0/24 is subnetted, 1 subnets
B       99.99.99.0 is directly connected, 2d21h, Loopback99
     10.0.0.0/24 is subnetted, 2 subnets
C       10.0.3.0 is directly connected, FastEthernet0/1
C       10.0.4.0 is directly connected, FastEthernet1/1
ISP#


ISP# sh ip route vrf ALL  | b Gate
Gateway of last resort is not set
     1.0.0.0/24 is subnetted, 1 subnets       <-imported from VRF 'UP'
B       1.1.1.0 [20/99] via 10.0.1.2 (UP), 2d21h, FastEthernet0/0
     2.0.0.0/24 is subnetted, 1 subnets
B       2.2.2.0 [20/99] via 10.0.2.2 (UP), 2d21h, FastEthernet1/0

     3.0.0.0/32 is subnetted, 1 subnets     <-imported from VRF 'DOWN'
B       3.3.3.3 [20/110] via 10.0.3.2 (DOWN), 2d21h, FastEthernet0/1
     4.0.0.0/32 is subnetted, 1 subnets
B       4.4.4.4 [20/110] via 10.0.4.2 (DOWN), 2d21h, FastEthernet1/1

     99.0.0.0/24 is subnetted, 1 subnets
C       99.99.99.0 is directly connected, Loopback99
     10.0.0.0/24 is subnetted, 4 subnets
B       10.0.2.0 is directly connected, 2d21h, FastEthernet1/0
B       10.0.3.0 is directly connected, 2d21h, FastEthernet0/1
B       10.0.1.0 is directly connected, 2d21h, FastEthernet0/0
B       10.0.4.0 is directly connected, 2d21h, FastEthernet1/1
ISP#

ISP#show ip bgp vpnv4 all
% BGP cannot run because the router-id is not configured

BGP table version is 34, local router ID is 0.0.0.0
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 123:1 (default for vrf UP)
*> 1.1.1.0/24       10.0.1.2                99         32768 ?
*> 2.2.2.0/24       10.0.2.2                99         32768 ?
*> 10.0.1.0/24      0.0.0.0                  0         32768 ?
*> 10.0.2.0/24      0.0.0.0                  0         32768 ?
*> 99.99.99.0/24    0.0.0.0                  0         32768 ?
Route Distinguisher: 123:2 (default for vrf DOWN)
*> 3.3.3.3/32       10.0.3.2               110         32768 ?
*> 4.4.4.4/32       10.0.4.2               110         32768 ?
*> 10.0.3.0/24      0.0.0.0                  0         32768 ?
*> 10.0.4.0/24      0.0.0.0                  0         32768 ?
*> 99.99.99.0/24    0.0.0.0                  0         32768 ?
Route Distinguisher: 123:99 (default for vrf ALL)
*> 1.1.1.0/24       10.0.1.2                99         32768 ?
*> 2.2.2.0/24       10.0.2.2                99         32768 ?
*> 3.3.3.3/32       10.0.3.2               110         32768 ?
   Network          Next Hop            Metric LocPrf Weight Path
*> 4.4.4.4/32       10.0.4.2               110         32768 ?
*> 10.0.1.0/24      0.0.0.0                  0         32768 ?
*> 10.0.2.0/24      0.0.0.0                  0         32768 ?
*> 10.0.3.0/24      0.0.0.0                  0         32768 ?
*> 10.0.4.0/24      0.0.0.0                  0         32768 ?
*> 99.99.99.0/24    0.0.0.0                  0         32768 ?
ISP#
ISP#show ip bgp vpnv4 vrf UP 1.1.1.0
% BGP cannot run because the router-id is not configured
BGP routing table entry for 123:1:1.1.1.0/24, version 10
Paths: (1 available, best #1, table UP)
  Not advertised to any peer
  Local
    10.0.1.2 from 0.0.0.0 (0.0.0.0)
      Origin incomplete, metric 99, localpref 100, weight 32768, valid, sourced, best
      Extended Community: RT:123:1 Cost:pre-bestpath:128:156160
        0x8800:32768:0 0x8801:1:130560 0x8802:65281:25600 0x8803:65281:1500
      mpls labels in/out 18/nolabel
ISP#


ISP# ping vrf ALL 4.4.4.4 source loopback 99
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 99.99.99.99
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/11/16 ms
ISP#


Ping from ISP vrf ALL to UP-LEFT's lo1 (vrf UP) failed
ISP# ping vrf ALL 1.1.1.1 source loopback 99
Packet sent with a source address of 99.99.99.99
.....
Success rate is 0 percent (0/5)

 Route 99.99.99.0/24 is present in RIB but not EIGRP topology
ISP#sh ip route vrf UP
Gateway of last resort is not set
     1.0.0.0/24 is subnetted, 1 subnets
D       1.1.1.0 [90/156160] via 10.0.1.2, 2d22h, FastEthernet0/0
     2.0.0.0/24 is subnetted, 1 subnets
D       2.2.2.0 [90/156160] via 10.0.2.2, 2d22h, FastEthernet1/0
     99.0.0.0/24 is subnetted, 1 subnets
B       99.99.99.0 is directly connected, 00:06:46, Loopback99
     10.0.0.0/24 is subnetted, 2 subnets
C       10.0.2.0 is directly connected, FastEthernet1/0
C       10.0.1.0 is directly connected, FastEthernet0/0
ISP#

Redistribute this network
ISP(config)#router eigrp 1
ISP(config-router)#address-family ipv4 vrf UP 
ISP(config-router-af)#redistribute bgp 1 metric  1 1 1 1 1500
Check again
ISP# ping vrf ALL 1.1.1.1 source loopback 99
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 99.99.99.99
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/18/24 ms
ISP#