Manualsbrain.com
  1. Инструкции и руководства
  2. Бренды
  3. 3com
  4. S7906E
  5. Инструкции По Установке

Инструкции По Установке для 3com S7906E

Скачать
Страница из 2621
 
1-6 
5)  CE 2 transmits the packet to the destination by IP forwarding. 
MPLS L3VPN Networking Schemes 
In MPLS L3VPNs, VPN target attributes are used to control the advertisement and reception of VPN 
routes between sites. They work independently and can be configured with multiple values to support 
flexible VPN access control and implement multiple types of VPN networking schemes. 
Basic VPN networking scheme 
In the simplest case, all users in a VPN form a closed user group. They can forward traffic to each other 
but cannot communicate with any user outside the VPN. 
For this networking scheme, the basic VPN networking scheme, you need to assign a VPN target to 
each VPN for identifying the export target attribute and import target attribute of the VPN. Moreover, this 
VPN target cannot be used by any other VPNs.  
Figure 1-4 Network diagram for basic VPN networking scheme 
 
 
, for example, the VPN target for VPN 1 is 100:1 on the PEs, while that for VPN 2 is 200:1. 
The two VPN 1 sites can communicate with each other, and the two VPN 2 sites can communicate with 
each other. However, the VPN 1 sites cannot communicate with the VPN 2 sites. 
Hub and spoke networking scheme 
For a VPN where a central access control device is required and all users must communicate with each 
other through the access control device, the hub and spoke networking scheme can be used to 
implement the monitoring and filtering of user communications.  
This networking scheme requires two VPN targets: one for the "hub" and the other for the "spoke".  
The VPN target setting rules for VPN instances of all sites on PEs are as follows: 
On spoke PEs (that is, the PEs connected with spoke sites), set the export target attribute to Spoke 
and the import target attribute to Hub. 
On the hub PE (that is, the PE connected to the hub site), specify two interfaces or sub-interfaces, 
one for receiving routes from spoke PEs, and the other for advertising routes to spoke PEs. Set the 
import target attribute of the VPN instance for the former to Spoke, and the export target attribute of 
the VPN instance for the latter to Hub.