3com 3031 Instruccion De Instalación
BGP/MPLS VPN Overview
693
routing table and label forwarding table, in which the forwarding information of
the message is saved
the message is saved
2 MP-BGP
MP-BGP (multiprotocol extensions for BGP-4, see RFC2283) propagates VPN
membership information and routes between PE routers. It features backward
compatibility: It not only supports conventional IPv4 address family, but also
supports other address families, for example, VPN-IPv4 address family. MP-BGP
ensures that VPN private routes are only advertised within VPNs, as well as
implementing communication between MPLS VPN members.
membership information and routes between PE routers. It features backward
compatibility: It not only supports conventional IPv4 address family, but also
supports other address families, for example, VPN-IPv4 address family. MP-BGP
ensures that VPN private routes are only advertised within VPNs, as well as
implementing communication between MPLS VPN members.
3 VPN-IPv4 address family
VPN is just a private network, so it can use the same IP address to indicate different
sites. But the IP address is supposed to be unique when MP-BGP advertises CE
routes between PE routers, so routing errors may occur for different reasons in
two systems. The solution is to switch IPv4 addresses to VPN-IPv4 address family to
generate a globally unique address before advertising them, so a PE router is
required to support MP-BGP.
sites. But the IP address is supposed to be unique when MP-BGP advertises CE
routes between PE routers, so routing errors may occur for different reasons in
two systems. The solution is to switch IPv4 addresses to VPN-IPv4 address family to
generate a globally unique address before advertising them, so a PE router is
required to support MP-BGP.
A VPN-IPv4 address consists of 12 bytes, and the first eight bytes represent the RD
(Route Distinguisher), which are followed by a 4-byte IPv4 address. The service
providers can distribute RD independently. However, their special AS (Autonomous
System) number must be taken as a part of the RD to ensure that each RD is
globally unique. The VPN-IPv4 address with the RD of zero is synonymous with the
IPv4 address that is globally unique. After being processed in this way, even if the
4-byte IPv4 address contained in VPN-IPv4 address has been overlapped, the
VPN-IPv4 address can still maintain globally unique. RD is only used within the
carrier network to differentiate routes. When the RD is 0, a VPN-IPv4 address is
just a IPv4 address in general sense.
(Route Distinguisher), which are followed by a 4-byte IPv4 address. The service
providers can distribute RD independently. However, their special AS (Autonomous
System) number must be taken as a part of the RD to ensure that each RD is
globally unique. The VPN-IPv4 address with the RD of zero is synonymous with the
IPv4 address that is globally unique. After being processed in this way, even if the
4-byte IPv4 address contained in VPN-IPv4 address has been overlapped, the
VPN-IPv4 address can still maintain globally unique. RD is only used within the
carrier network to differentiate routes. When the RD is 0, a VPN-IPv4 address is
just a IPv4 address in general sense.
The route received by PE from CE is the IPv4 route that needs to be redistributed
into vpn-instance routing table, and in this case a RD needs to be added. It is
recommended that the same RD be configured for the same VPN.
into vpn-instance routing table, and in this case a RD needs to be added. It is
recommended that the same RD be configured for the same VPN.
VPN Target attribute
VPN Target attribute is one of the MP-BGP extension community attributes and is
used to limit VPN routing information advertisement. It identifies the set of sites
that can use some routes, namely which Sites this route can be received, and the
PE router thatcan receive the route transmitted by which Sites. The PE routers
connected with the Site specified in VPN Target can all receive the routes with this
attribute. After PE router has received the route with this attribute, it will add the
route into the corresponding routing table.
used to limit VPN routing information advertisement. It identifies the set of sites
that can use some routes, namely which Sites this route can be received, and the
PE router thatcan receive the route transmitted by which Sites. The PE routers
connected with the Site specified in VPN Target can all receive the routes with this
attribute. After PE router has received the route with this attribute, it will add the
route into the corresponding routing table.
For PE routers, there are two sets of VPN Target attributes: one of them, referred
to as Export Targets, is added to the route received from a direct-connect Site in
advertising local routes to remote PE routers. And the other one, known as Import
Targets, is used to decide which routes can be imported into the routing table of
this Site when receiving routes from remote PE routers.
to as Export Targets, is added to the route received from a direct-connect Site in
advertising local routes to remote PE routers. And the other one, known as Import
Targets, is used to decide which routes can be imported into the routing table of
this Site when receiving routes from remote PE routers.
By matching the VPN Target attribute carried by the route, if there are identical
items in the export VPN target set and import VPN target set, the route is imported
into the VN routing table and then advertised to the CE connected. Otherwise, the
route will be rejected.
items in the export VPN target set and import VPN target set, the route is imported
into the VN routing table and then advertised to the CE connected. Otherwise, the
route will be rejected.