Home > Networking Solutions > Enterprise/Data Center Networking Solutions > SmartFabric OS10 Networking Solutions > Guides > Multitenancy using VRF with Dell SmartFabric OS10 Implementation Guide > Overview
VRF can be used to enable multitenancy for several use cases. It enables data center operators to provide separate isolated networks for customers using existing switch infrastructure. VRF enables a top-of-rack or leaf switch to support more than one customer securely. Overlapping IP address space can exist in a L3 switch, where VRFs isolate them. Layer 3 path isolation with VRF is better than Layer 3 VLAN alone. The VRF enables route table isolation, and the VLAN provides data path isolation.
Consider how VRF can be used in a public cloud repatriation use case. The customer migrates servers, storage, and applications back into their data center from the public cloud. They have determined this move reduces total cost of ownership, improves performance, and gives them more control over their resources and data. They use Dell Technologies products to do so.
IT resources for the sales and marketing user groups are repatriated. They stand up a new server for each. There is an existing switch and server for the general corporate user group. A challenge is that cloud-based sales and marketing resources have IP addresses that overlap with each other and an existing corporate server. They prefer to not reassign the sales and marketing IP address ranges.
Consider two high-level designs that they can use for repatriation. With the first design, the company could purchase additional switches and add them to the data center along with the existing corporate server. The new sales and marketing servers would each be connected to their own switch. See Figure 1.
Alternately the company could use their existing switch and rack (which has capacity) to host the new sales and marketing servers alongside the existing corporate server. They could use VRFs to segment the new servers. See Figure 2.
The customer has chosen the second option, to add the new servers to the existing switch and use VRFs to segment traffic. VRFs are configured in the switch for each server, creating separate routing tables to segment traffic between the existing and new servers. The corporate server already resides in the default VRF, colored in yellow in Figure 2. Two new VRFs are created for sales and marketing, which are colored in red and blue. The VRFs isolate the control and data planes for each set of resources using different routing tables for each. VLANs are also configured for each server to further isolate the data plane.
The example configurations in this guide are built around a single-switch VRF use case. The example use case shows a simple network and compute environment to communicate key VRF information. A more complex environment with a leaf-spine network and multiple ports that are used on each server is supported with VRF.
Another use case where VRF can be helpful is in virtualized environments leveraging Network Virtualization Overlay (NVO). Dell PowerSwitch switches can be used with VMware NSX-T. VRF is configured in the PowerSwitch switches to enable network multitenancy, and NSX-T enables network and compute multitenancy. See the related reference in the Technical Resources chapter.
Some key facts to be aware of with VRF in OS10 include:
Table 1 summarizes VRF support in OS10 software,
Item | Support | Notes |
Supported Platforms | Dell PowerSwitch family | See Reference section. |
Supported OS10 software releases | Dell SmartFabric OS10 10.4.1.0 or later | Some features require a later release. |
VRFs Supported | One management VRF One default VRF 512 nondefault VRFs with static routing 128 nondefault VRFs with dynamic routing | Use the default and nondefault VRFs for routing. |
Routing supported | Static routing Dynamic routing: OSPFv2, OSPFv3, BGP | N/A |
Dynamic routing: OSPFv2, OSPFv3, BGP | Physical and virtual | N/A |
Services supported | Many, such as DHCP, DNS, HTTP, SSH server | In both management and nondefault VRFs |
Route leaking | Static and dynamic | N/A |