3com 8807 User Guide
536
C
HAPTER
49: BGP/MPLS VPN C
ONFIGURATION
Figure 131 Hierarchical BGP/MPLS VPN
Introduction to OSPF
Multi-instance
As one of the most popular IGP routing protocols, OSPF is used as an internal
routing protocol in many VPNs. Using OSPF on PE-CE links brings convenience to
you because in this case CE routers only need to support OSPF protocol, without
the need of supporting other protocols, and network administrator only have to
know the OSPF protocol. If you want to transform conventional OSPF backbone
into BGP/MPLS VPN, using OSPF between PE and CE can simplify this transform
process.
routing protocol in many VPNs. Using OSPF on PE-CE links brings convenience to
you because in this case CE routers only need to support OSPF protocol, without
the need of supporting other protocols, and network administrator only have to
know the OSPF protocol. If you want to transform conventional OSPF backbone
into BGP/MPLS VPN, using OSPF between PE and CE can simplify this transform
process.
Therefore IETF raised two new OSPF VPN extension drafts, to provide a complete
solution to SPPF problems in BGP/MPLS VPN application when OSPF is used as
PE-CE routing protocol. In this case, PE router must be able to run multiple OSPF
instances, each of which corresponds to one VPN instance, owns an individual
interface, routing table, and sends VPN routing information over MPLS network
using BGP/OSPF interaction.
solution to SPPF problems in BGP/MPLS VPN application when OSPF is used as
PE-CE routing protocol. In this case, PE router must be able to run multiple OSPF
instances, each of which corresponds to one VPN instance, owns an individual
interface, routing table, and sends VPN routing information over MPLS network
using BGP/OSPF interaction.
If supporting OSPF multi-instance, one router can run multiple OSPF processes,
which can be bound to different VPN instances. In practice, you can create one
OSPF instance for each service type. OSPF multi-instance can fully isolate different
services in transmission, which can solve security problems with low cost to meet
the needs of customers. Generally, OSPF multi-instance is run on PEs; The CE
running OSPF multi-instance in the LAN is called multi-VPN-instance CE. At
present, isolation of LAN services implements by VLAN function of the switch.
OSPF Multi-VPN-Instance CE provides schemes of services isolation implemented
on routers.
which can be bound to different VPN instances. In practice, you can create one
OSPF instance for each service type. OSPF multi-instance can fully isolate different
services in transmission, which can solve security problems with low cost to meet
the needs of customers. Generally, OSPF multi-instance is run on PEs; The CE
running OSPF multi-instance in the LAN is called multi-VPN-instance CE. At
present, isolation of LAN services implements by VLAN function of the switch.
OSPF Multi-VPN-Instance CE provides schemes of services isolation implemented
on routers.
MPLS偼ᑆ㔥
PE
PE
SPE
UPE
CE
CE
CE
CE
VPN1 Site1
VPN2 Site1
VPN1 Site1
VPN2 Site1
UPE
PE
PE
SPE
UPE
CE
CE
CE
CE
VPN1 Site1
VPN2 Site1
VPN1 Site1
VPN2 Site1
UPE
Upper VPN
Lower VPN
MPLS backbone
network
network
MPLS偼ᑆ㔥
PE
PE
SPE
UPE
CE
CE
CE
CE
VPN1 Site1
VPN2 Site1
VPN1 Site1
VPN2 Site1
UPE
PE
PE
SPE
UPE
CE
CE
CE
CE
VPN1 Site1
VPN2 Site1
VPN1 Site1
VPN2 Site1
UPE
MPLS偼ᑆ㔥
PE
PE
SPE
UPE
CE
CE
CE
CE
VPN1 Site1
VPN2 Site1
VPN1 Site1
VPN2 Site1
UPE
PE
PE
SPE
UPE
CE
CE
CE
CE
VPN1 Site1
VPN2 Site1
VPN1 Site1
VPN2 Site1
UPE
MPLS偼ᑆ㔥
PE
PE
SPE
UPE
CE
CE
CE
CE
VPN1 Site1
VPN2 Site1
VPN1 Site1
VPN2 Site1
UPE
PE
PE
SPE
UPE
CE
CE
CE
CE
VPN1 Site1
VPN2 Site1
VPN1 Site1
VPN2 Site1
UPE
Upper VPN
Lower VPN
MPLS backbone
network
network