Routers in a computer network, such as an Internet Protocol (IP) network, often route packets from a given source to a given destination (as identified by the respective source and destination addresses) over different, parallel data paths. For example, the network may comprise multiple interconnected intermediate devices, such as routers and/or other switching elements, which provide connectivity between an inbound router and an outbound router. As a result, some of the packets traveling between a given source and a given destination may make use of one path, while other packets between the same source and destination make use of one or more alternative paths.
In modern IP networks, routers maintain mappings for distributing traffic flows among different, parallel data paths of this sort. Each path is identified by its next hop from the router and is thus associated with the respective egress interface of the router from which this next hop originates. As the router receives packets, it associates each packet with a particular packet flow and distributes the packets among its egress interfaces using the mapping of flows to data paths. A “flow” in this context refers to a specific sequence of packets transmitted within a certain time frame from a given source to a given destination. The flow can be identified, for example, on the basis of a set of header field shared by all the packets in the flow, such as the fields in the IP 5-tuple (source and destination IP addresses, source and destination ports, and protocol identifier). Distribution of the flows among the egress interfaces in this manner is useful in balancing the load of network traffic among the different paths.
In this regard, for example, U.S. Pat. No. 8,004,990 describes techniques for distributing network traffic across parallel data paths. A router may perform a hash on routing information of the packet to generate a hash value corresponding to the packet flow associated with the packet. The router may map the hash value of the packet to a forwarding element associated with a data path. The router may dynamically update the mapping of hash values to forwarding elements in accordance with traffic flow statistics. In this manner, the router may distribute the packet flows from data paths with high volumes of traffic to data paths with smaller volumes of traffic.
Virtual routing and forwarding (VRF) is a technology implemented in IP routers that allows multiple instances of a routing table to exist in a router and work simultaneously. VRF uses a forwarding table for each VRF instance to designate the next hop for each data packet, as well as a set of rules and routing protocols that govern how the packet is to be forwarded. Because the VRF routing instances are independent, the same or overlapping IP addresses can be used in different instances without conflicting with one another, and network paths can be segmented without requiring multiple routers. Because the traffic is automatically segregated, VRF also increases network security and can mitigate the need for encryption and authentication.