Virtual Routing and Forwarding

Virtual routing and forwarding (VRF) is an IP technology that allows multiple instances of a routing table to exist in a router and work simultaneously. This increases functionality by allowing network paths to be segmented without using multiple devices.

NetScaler SD-WAN introduces VRF which allows segmenting networks for additional security and manageability. For example, you can separate guest network traffic from employee traffic, create distinct routing domains to segment large corporate networks, and segment traffic to support multiple customer networks. Each routing domain has its own routing table and enables the support for overlapping IP subnets.

NetScaler SD-WAN appliances implement OSPF and BGP routing protocols for the routing domains to control and segment network traffic.

Following are the list of points to consider when configuring the VRF functionality:

  • By default, routing domains are enabled on an MCN.
  • Routing domains have to be enabled on the Branche sites.
  • Each enabled routing domain must have a virtual interface and virtual IP associated with it.
  • Routing selection is part of all the following configurations:
  • Interface group
  • Virtual IP
  • GRE
  • WAN Link -> Access Interface
  • IPsec tunnels
  • Routes
  • Rules
  • Routing domains are exposed in the web interface configuration only when multiple domains are created.
  • For a Public Internet link, only one primary and secondary access interfaces can be created.
  • For a Private Intranet/MPLS link, one primary and secondary access interface can be created per routing domain.

Virtual Routing and Forwarding