180 likes | 397 Views
MPLS VPN Technology. Introducing the MPLS VPN Routing Model. Outline. Overview MPLS VPN Routing Requirements What Is the MPLS VPN Routing Model? Existing Internet Routing Support Routing Tables on PE Routers Identifying End-to-End Routing Update Flow Route Distribution to CE R outers
E N D
MPLS VPN Technology Introducing the MPLS VPN Routing Model
Outline • Overview • MPLS VPN Routing Requirements • What Is the MPLS VPN Routing Model? • Existing Internet Routing Support • Routing Tables on PE Routers • Identifying End-to-End Routing Update Flow • Route Distribution to CE Routers • Summary
MPLS VPN Routing Requirements • CE routers have to run standard IP routing software. • PE routers have to support MPLS VPN services and IP routing. • P routers have no VPN routes.
The CE routers run standard IP routing software and exchange routing updates with the PE router. EBGP, OSPF, RIPv2, EIGRP, and static routes are supported. The PE router appears as another router in the C-network. MPLS VPN Routing:CE Router Perspective
MPLS VPN Routing:Overall Customer Perspective • To the customer, the PE routers appear as core routers connected via a BGP backbone. • The usual BGP and IGP design rules apply. • The P routers are hidden from the customer.
MPLS VPN Routing:P Router Perspective • P routers do not participate in MPLS VPN routing and do not carry VPN routes. • P routers run backbone IGP with the PE routers and exchange information about global subnetworks (core links and loopbacks).
MPLS VPN Routing:PE Router Perspective • PE routers: • Exchange VPN routes with CE routers via per-VPN routing protocols • Exchange core routes with P routers and PE routers via core IGP • Exchange VPNv4 routes with other PE routers via MP-IBGP sessions
PE routers can run standard IPv4 BGP in the global routing table: PE routers exchange Internet routes with other PE routers. CErouters do not participate in Internet routing. Prouters do not need to participate in Internet routing. Support for Existing Internet Routing
PE routers contain a number of routing tables: The global routing table contains core routes (filled with core IGP) and Internet routes (filled with IPv4 BGP). The VRF tables contains routes for sites of identical routing requirements from local (IPv4 VPN) and remote (VPNv4 via MP-BGP) CE routers. Routing Tables on PE Routers
PE routers receive IPv4 routing updates from CE routers and install them in the appropriate VRF table. End-to-End Routing Update Flow
PE routers export VPN routes from VRF tables into MP-BGP and propagate them as VPNv4 routes to other PE routers. End-to-End Routing Update Flow (Cont.)
End-to-End Routing Update Flow:MP-BGP Update • An MP-BGP update contains these elements: • VPNv4 address • Extended communities (route targets, optionally SOO) • Label used for VPN packet forwarding • Any other BGP attribute (for example, AS path, local preference, MED, standard community)
The receiving PE router imports the incoming VPNv4 routes into the appropriate VRF based on route targets attached to the routes. The routes installed in the VRFs are propagated to the CE routers. End-to-End Routing Update Flow (Cont.)
Route Distribution to CE Routers • A route is installed in the site VRF if it matches the import route target attribute. • Route distribution to CE sites is driven by the following: • Route targets • SOO attribute if defined
What Is Multi-VRF CE (VRF-Lite)? • Multi-VRF CE (VRF-lite) is an application based on VRF implementation. • VRF-lite supports multiple overlapping and independent VRFs on the CE router. • The CE router separates traffic between client networks using VRFs. • There is no MPLS functionality on the CE router. • No label exchange between the CE and PE router. • No labeled packet flow between the CE and PE router. • Any routing protocol supported by normal VRF can be used in a Multi-VRF CE implementation.
Summary • In MPLS VPNs: • CE routers run standard protocols (static, RIPv2, OSPF, EIGRP, EBGP) to the PE routers. • PE routers provide the VPN routing and services via MP-BGP. • P routers do not participate in VPN routing, and only provide core IGP backbone routing to the PE routers. • The PE router functions are extended to carry regular Internet routing via IPv4 BGP in addition to the MP-BGP.
Summary (Cont.) • PE routers separate the global IPv4 BGP routing table from each unique customer VPNv4 MP-BGP routing table. • The ingress PE router receives CE customer IPv4 updates and exports these IPv4 routes to other PE routers via MP-BGP. • The egress PE router imports the VPNv4 routes and forwards them to the CE router as an IPv4 update. • Route distribution to destination CE routers is determined by BGP communities using route targets and an optional SOO for loop detection.