Skip to main content
> Equinix Deploy

Intro to Virtual Routing and Forwarding (VRF)

Introduction to Equinix Metal Virtual Routing and Forwarding

Intro to Virtual Routing and Forwarding (VRF)

On this page

Virtual Routing and Forwarding (VRF) helps you connect your Layer 2 VLANs to other networks: Equinix colocation ports, cloud provider VPCs, or SaaS providers.

Part 1 of this series, Intro to Metal Gateway, explained how servers in Equinix Metal can be networked in one of two modes: the default Layer 3 mode, or on your own private Layer 2 VLAN.

With a VLAN, your network is fully isolated from any external connections, unless you create dedicated servers, configured in hybrid networking mode, to route between the Equinix Metal Layer 3 network and your private VLAN.

Metal Gateway is Equinix's managed virtual router to connect your VLAN to other networks.

Gateway

In this guide, you will learn about VRF, which completes the capabilities of Metal Gateway, enabling a fully interconnected network between your VLANs and other networks.

Interconnection basics

When you want to interconnect two networks, you need two things between them:

  1. A connection
  2. Traffic routing information

Connection

A connection is composed both of the physical wires that connect your networks, as well as the configuration that enables traffic to flow between them.

All servers in Equinix Metal are connected to their upstream routers, and from there to the global Equinix Metal network. When you deploy servers in the same metro and project, Equinix Metal configures the network so that they can send traffic to each other.

If you want to connect your VLAN at Equinix Metal to a VPC at a cloud provider or a port at an Equinix colocation facility, you use Equinix Fabric. Fabric already has the physical wires connecting between the Equinix Metal metro and the remote locations. Creating a Virtual Connection configures Fabric to allow network traffic to flow between the two sides of the VC.

Traffic routing information

A connection is necessary, but it is not sufficient. Even after you connect two or more routers, each router needs to be informed where to send traffic.

For example, if you create a connection between a VLAN's Metal Gateway and an AWS Transit Gateway in a VPC via a Fabric VC, the Transit Gateway needs to know which IP ranges the Metal Gateway can handle, and the Metal Gateway needs to know which IP ranges the Transit Gateway can handle. This becomes even more important when you have not two sides to the connection, but multiple VPCs, multiple colocation ports, and multiple Metal Gateways.

Virtual Routing and Forwarding

Virtual Routing and Forwarding (VRF) provides the traffic routing information between Metal Gateway and the router on the remote end. You can think of Gateway and VRF as partners.

  • Gateway provides the router connection between your Layer 2 VLAN and the Layer 3 routing world
  • VRF provides the Layer 3 configuration, announcing routes and receiving route announcements

Gateway and VRF

VRF can connect your VLAN, via your Gateway, over Fabric, to a cloud provider such as AWS:

VRF and AWS

or Google Cloud:

VRF and Google Cloud

It can connect your Gateway to an Equinix colocation port:

VRF and Port

or to a SaaS provider:

VRF and Salesforce

Multiple Gateways, Single VRF

A VLAN does not require a Metal Gateway to operate. Without a Gateway, all traffic simply flows along Layer 2 between the servers connected to the VLAN.

VLAN no connection

You can add one or more Gateways to a VLAN, each with its own purpose and IP range:

VLAN multiple gateways

From within the console, two Metal Gateways on a single VLAN look like this:

VLAN multiple gateways console

However, unless each serves an entirely different purpose, multiple Gateways often aren't necessary. When you connect a Gateway and a VRF, the VRF can connect to multiple remote locations:

VRF and multiple locations

Each Gateway can connect to exactly one VLAN, and either an Equinix Metal-provided IP range, public or private, on the Equinix Metal network, or to a single VRF. That VRF, in turn, can connect to multiple Fabric VC, providing a simple way to connect your VLAN to multiple cloud provider VPCs, SaaS providers, and Equinix colocation ports.

Summary

Virtual Routing and Forwarding is the "router configuration" component that lets you connect and configure your Layer 3 Gateway to one or more remote locations.

You can connect a single Gateway to just a single VRF, but each VRF can connect to one or multiple remote connections.

Last updated

26 June, 2024

Category

Tagged

Article
You may also like
Dig deeper into similar topics in our archives
Image of Configuring BGP with BIRD 2 on Equinix Metal
Networking Technical
Configuring BGP with BIRD 2 on Equinix Metal

Set up BGP on your Equinix Metal server using BIRD 2, including IP configuration, installation, and neighbor setup to ensure robust routing capabilities between your server and the Equinix M...
Image of Configuring BGP with FRR on an Equinix Metal Server
Networking Technical
Configuring BGP with FRR on an Equinix Metal Server

Establish a robust BGP configuration on your Equinix Metal server using FRR, including setting up network interfaces, installing and configuring FRR software, and ensuring secure and efficie...
Image of Crosscloud VPN with WireGuard
Networking Technical
Crosscloud VPN with WireGuard

Learn to establish secure VPN connections across cloud environments using WireGuard, including detailed setups for site-to-site tunnels and VPN gateways with NAT on Equinix Metal, enhancing...
Image of Deploy Your First Server
Platform Quickstart
Deploy Your First Server

Learn the essentials of deploying your first server with Equinix Metal. Set up your project & SSH keys, provision a server and connect it to the internet.

Ready to kick the tires?

Use code DEPLOYNOW for $300 credit

Sign up
Subscribe to our newsletter

A monthly digest of the latest news, articles, and resources.