35.1.3 Example of network construction

Network partitions allow you to build different networks. This section describes how to build a network based on typical network partition applications.

<Structure of this section>

(1) Network-Partitioning Using Ring Protocol

One of the best ways to build a networked partition is to use Ring Protocol. Using Ring Protocol enables high-speed route switching in the event of a failure, enabling reliable networking. It also has the advantage that it is easier to operate the network by centralizing Layer 3 functions in one location.

The following diagram shows a typical network-partitioning configuration using Ring Protocol. User A and User B in the diagram are different VPN and cannot communicate with each other.

Figure 35-3: Network-Partitioning Using Ring Protocol

(2) Addition of layer 3 aggregator

When the number of VRF and locations handled by the entire network increases, the capacity can be distributed by adding a device with Layer 3 functionality. In addition, reliability can be further improved by operating VRRP on devices that require reliability.

The following figure shows an example of building a Layer 3 aggregator.

Figure 35-4: Adding a Layer 3 aggregator

(3) Building without Layer 2 Protocol

You can use VRF feature on networks that do not use Layer 2 protocols.

The following figure shows an example of a configuration that does not use the Layer 2 protocol.

Figure 35-5: Construction without Layer 2 protocol

(4) Implementation of an extranet

An extranet blocks communication between VRF while allowing communication between certain VRF only. This allows you to build a network that allows access to a common server while maintaining security between users.

One of the following VRF relay techniques is used to implement an extranet:

Route exchange between VRFs
Static routing across VRFs
Policy-based Routing

The following figure shows an example of constructing an extranet.

Figure 35-6: Extranet using route exchange

User A (VRF 2) and User B (VRF 4) cannot communicate because the routing information is separate.
User A (VRF 2) and the common server (VRF 3), and User B (VRF 4) and the common server (VRF 3) can communicate because they exchange routes.

The following figure shows the flow of routing information and information exchange by the Switch.

Figure 35-7: Route information of the Switch

(5) Network-Partitioning Using GSRP

VRF can use GSRP as a redundancy feature. GSRP enables high-speed switching of equipment in the event of a failure, enabling reliable networking. It also has the advantage that redundancy of Layer 2 and Layer 3 can be realized by a single function.

The following diagram shows a typical network-partitioning configuration using GSRP. User A and User B in the diagram are different VPN and cannot communicate with each other.

Figure 35-8: Network-Partitioning Using GSRP