VRF-Lite + GRE – I am going to create a new category on the blog in which we will discuss different technologies, protocols, designs and architectures together.
You can suggest discussion topics, and you are all welcome to join the discussions in the comment box of each topic.
I want to throw out a first topic for discussion!
Which enterprise architecture is more complex? (Did you read the network complexity article on the blog?)
VRF-lite with GRE/dot1q or MPLS L3VPN?
It is a very subjective topic and I think there is no absolutely correct answer, so please share your opinion. Collectively, our answers will form a detailed article and provide a good resource for people before they decide on a particular technology, protocol or architecture.
UPDATE: Let me provide a very brief overview of VRF-lite and MPLS VPNs:
how they can be carried through an overlay to provide data plane separation, and how the same tasks can be achieved with MPLS Layer 3 VPNs.
VRF-lite provides control and data plane separation without requiring MPLS in the control or data plane. You don't need MPLS encapsulation.
It should be configured hop by hop from source to destination.
Every node on the path should be configured separately.
GRE and dot1q can provide data plane separation.
Vendor implementations might have hardware limits, so you should be aware of those limits.
The same is mostly true for MPLS VPNs as well: the routing protocol process is limited and varies based on hardware.
By the way, for those who don't know the difference between the control plane and the data plane, here is a very abstracted definition:
Operations on user traffic are handled in the data plane; operations between the networking devices are handled by the control plane.
MPLS VPN, on the other hand, requires a label at least on the control plane.
The idea of MPLS VPN is to hide state from the core, thus we provide an encapsulation for the underlay.
With VRF-lite, on the other hand, every node from source to destination keeps state information. If you read the Network Complexity article on the blog, I explained there that state information (routing tables, MPLS labels, ARP tables, L2 information, etc.) is directly related to network complexity.
Encapsulation might be provided by GRE, L2TPv3, LDP, RSVP, Segment Routing and so on. We call it the transport or underlay, the topmost label. (In general you see and hear about LDP, but I have listed many other possible encapsulation mechanisms.)
In the context of MPLS L3 VPNs, we have a second level of layering to separate end-user traffic from each other. This is achieved through Multiprotocol BGP (MP-BGP).
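Because VRF-lite has to be configured on every hop, the separation is only as good as the least consistent link. The following added example (not from the original post) audits a constructed inventory of dot1q sub-interface bindings along a path and compares per-node VRF state for the two designs; the router names, VRF names, tags and the assumption that the first and last nodes act as PEs are all hypothetical.

```python
"""Audit hop-by-hop VRF-lite dot1q bindings and compare per-node VRF state."""

# Constructed sample inventory: node -> VRF -> {neighbor: dot1q tag on that link}.
PATH = ["R1", "R2", "R3", "R4"]  # hypothetical routers, source to destination
CONFIG = {
    "R1": {"RED": {"R2": 10}, "BLUE": {"R2": 20}},
    "R2": {"RED": {"R1": 10, "R3": 10}, "BLUE": {"R1": 20}},  # BLUE not extended to R3
    "R3": {"RED": {"R2": 10, "R4": 10}, "BLUE": {"R2": 20, "R4": 20}},
    "R4": {"RED": {"R3": 20}, "BLUE": {"R3": 10}},            # tags swapped on R4
}


def tags_on_link(config, node, neighbor):
    """Return {tag: vrf} for the sub-interfaces `node` has facing `neighbor`."""
    return {links[neighbor]: vrf
            for vrf, links in config.get(node, {}).items() if neighbor in links}


def audit_vrf_lite(path, config):
    """Check each link on the path: a tag must map to the same VRF on both ends."""
    findings = []
    for a, b in zip(path, path[1:]):
        side_a, side_b = tags_on_link(config, a, b), tags_on_link(config, b, a)
        for tag in sorted(set(side_a) | set(side_b)):
            vrf_a, vrf_b = side_a.get(tag), side_b.get(tag)
            if vrf_a is None or vrf_b is None:
                # VRF exists on one end only: the path is broken at this hop.
                findings.append((a, b, tag, "one-sided", vrf_a or vrf_b))
            elif vrf_a != vrf_b:
                # Same tag, different VRFs: traffic crosses between VRFs here.
                findings.append((a, b, tag, "leak", f"{vrf_a}<->{vrf_b}"))
    return findings


def vrf_state_per_node(path, vrfs, model):
    """VRF instances per node: every hop for VRF-lite, only the edge nodes
    (assumed to be the PEs) for MPLS L3VPN, which hides this state from the core."""
    edge = {path[0], path[-1]}
    return {n: (len(vrfs) if model == "vrf-lite" or n in edge else 0) for n in path}


if __name__ == "__main__":
    for finding in audit_vrf_lite(PATH, CONFIG):
        print(finding)
    for model in ("vrf-lite", "l3vpn"):
        print(model, vrf_state_per_node(PATH, ["RED", "BLUE"], model))
```
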