
MPLS-VPN/BGP Approach Hari Rakotoranto Technical Marketing Engineer

Presentation on theme: "MPLS-VPN/BGP Approach Hari Rakotoranto Technical Marketing Engineer"— Presentation transcript:

1 MPLS-VPN/BGP Approach Hari Rakotoranto Technical Marketing Engineer hrakotor@cisco.com

2 Agenda MPLS Business Perspective VPN Concept MPLS VPN

3 Virtual Private Networking: A $24B Opportunity (charts: 1998 VPN Service Distribution; WW VPN Service Revenues ($B); Source: CIMI Corp.; labels: Barriers?, VPNs Opportunity)

4 Business Perspective
- Businesses are building on IP
- Businesses need private IP services
(diagram labels: Customers; Suppliers; Partners; Telecommuters; Mobile Users; Remote Offices; IP Intranet; IP Extranet)

5 Agenda MPLS Business Perspective VPN Concept MPLS VPN

6 Virtual Private Networks Concepts 6 © 2000, Cisco Systems, Inc. NW’00 Paris

7 Virtual Private Networks
- A network infrastructure delivering private network services over a public infrastructure
- Certainly not a new concept

8 VPN - Overlay Model (diagram labels: Service Provider Network; Provider Edge (PE) device; VPN Site; CPE (CE) Device; Virtual Circuit; Layer-3 Routing Adjacency)

9 VPN - Overlay Model
- Private trunks across a telco/SP shared infrastructure
- leased/dialup lines
- FR/ATM virtual circuits
- IP (GRE) tunnelling
- Point-to-point solution between customer sites
- how to size inter-site circuit capacities?
- full mesh requirement for optimal routing
- CPE routing adjacencies between sites

10 VPN - Peer-to-Peer Model (diagram labels: Service Provider Network; Provider Edge (PE) Router; VPN Site; CPE (CE) Router; Layer-3 Routing Adjacency)

11
- Provider edge (PE) device exchanges routing information with CPE
- all customer routes carried within SP IGP
- simple routing scheme for VPN customer
- routing between sites is optimal
- circuit sizing no longer an issue
- Private addressing is not an option
- Addition of new site is simpler
- no overlay mesh to contend with

12 The Solution: MPLS
- A new paradigm that delivers the best of both worlds:
- Privacy of ATM, Frame Relay
- flexibility and scalability of IP
- Foundation for IP business services: flexible grouping of users and value-added services
- Low cost managed IP services: scales to large and small private networks
- Based on RFC2547bis.

13 Agenda MPLS Business Perspective VPN Concept MPLS VPN

14 Basic Intranet Model (diagram labels: P Router; MPLS/VPN Backbone; VPN A; SITE-1, SITE-2, SITE-3, SITE-4; MP-iBGP; "Site-3 & Site-4 routes, RT=VPN-A"; "Site-1 & Site-2 routes, RT=VPN-A"; route tables listing Site-1 routes, Site-2 routes, Site-3 routes, Site-4 routes)

15 MPLS VPN mechanisms: VRF and Multiple Routing Instances
Logical view: Site-1, Site-2, Site-3, Site-4; VPN-A, VPN-B, VPN-C
Routing view:
- VRF for site-1: Site-1 routes, Site-2 routes
- VRF for site-2: Site-1 routes, Site-2 routes, Site-3 routes
- VRF for site-3: Site-2 routes, Site-3 routes, Site-4 routes
- VRF for site-4: Site-3 routes, Site-4 routes
(diagram labels: PE; P; P; Multihop MP-iBGP)

16 MPLS VPN Connection Model
- PE routers receive IPv4 updates (EBGP, RIPv2, OSPF, Static)
- PE routers translate into VPN-IPv4
- Assign a SOO and RT based on configuration
- Re-write Next-Hop attribute
- Assign a label based on VRF and/or interface
- Send MP-iBGP update to all PE neighbors
(diagram labels: Site-1; CE-1; PE-1; VPN Backbone IGP; P; P; P; P; PE-2; CE-2; Site-2)
(diagram annotations: "BGP, RIPv2 update for Net1, Next-Hop=CE-1"; "VPN-IPv4 update: RD:Net1, Next-hop=PE-1, SOO=Site1, RT=Green, Label=(intCE1)"; "VPN-IPv4 update is translated into IPv4 address (Net1), put into VRF green since RT=Green and advertised to CE-2")

17 MPLS VPN Connection Model
- Receiving PEs translate to IPv4
- Insert the route into the VRF identified by the RT attribute (based on PE configuration)
- The label associated to the VPN-IPv4 address will be set on packet forwarded towards the destination
(diagram labels: Site-1; CE-1; PE-1; VPN Backbone IGP; P; P; P; P; PE-2; CE-2; Site-2)
(diagram annotations: "BGP, RIPv2 update for Net1, Next-Hop=CE-1"; "VPN-IPv4 update: RD:Net1, Next-hop=PE-1, SOO=Site1, RT=Green, Label=(intCE1)"; "VPN-IPv4 update is translated into IPv4 address (Net1), put into VRF green since RT=Green and advertised to CE-2")

18 MPLS/VPN Packet Forwarding

19 MPLS/VPN Packet Forwarding
- PE and P routers have BGP next-hop reachability through the backbone IGP
- Labels are distributed through LDP corresponding to BGP Next-Hops or RSVP with Traffic Engineering
Label tables shown in the diagram:
- In Label: -, FEC: 197.26.15.1/32, Out Label: -
- In Label: 41, FEC: 197.26.15.1/32, Out Label: POP
- In Label: -, FEC: 197.26.15.1/32, Out Label: 41
(diagram labels: P router; Paris; PE-1; London; 149.27.2.0/24)
(diagram annotations: "Use label implicit-null for destination 197.26.15.1/32"; "Use label 41 for destination 197.26.15.0/24"; "VPN-v4 update: RD:1:27:149.27.2.0/24, NH=197.26.15.1, SOO=Paris, RT=VPN-A, Label=(28)")

20 MPLS/VPN Packet Forwarding
- Ingress PE receives normal IP packets
- PE router performs IP Longest Match from VPN FIB, finds iBGP next-hop and imposes a stack of labels
Label table shown in the diagram:
- In Label: -, FEC: 197.26.15.1/32, Out Label: 41
(diagram labels: Paris; PE-1; London; 149.27.2.0/24; "VPN-A VRF: 149.27.2.0/24, NH=197.26.15.1, Label=(28)")
(packets shown: 149.27.2.27; 149.27.2.27 | 28 | 41)

21 MPLS/VPN Packet Forwarding
- Penultimate PE router removes the IGP label
- Penultimate Hop Popping procedures (implicit-null label)
- Egress PE router uses the VPN label to select which VPN/CE to forward the packet to
- VPN label is removed and the packet is routed toward the VPN site
Label tables shown in the diagram:
- In Label: 41, FEC: 197.26.15.1/32, Out Label: POP
- In Label: 28(V), FEC: 149.27.2.0/24, Out Label: -
(diagram labels: Paris; PE-1; London; 149.27.2.0/24; "VPN-A VRF: 149.27.2.0/24, NH=197.26.15.1, Label=(28)"; "VPN-A VRF: 149.27.2.0/24, NH=Paris")
(packets shown: 149.27.2.27; 149.27.2.27 | 28 | 41; 149.27.2.27 | 28; 149.27.2.27)
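
The route import on slides 16 and 17 and the label handling on slides 19 to 21, traced as an added Python example that is not part of the original presentation. The prefix, next hop, route target and labels 28 and 41 are the slides' values; the second VRF (VPN-B), the table layout and all function names are assumptions made for illustration.

```python
import ipaddress

# Prefix, next hop, RT and labels 28/41 are from slides 19-21; the VPN-B VRF is constructed.
UPDATE = {"rd": "1:27", "prefix": "149.27.2.0/24", "next_hop": "197.26.15.1",
          "rt": "VPN-A", "label": 28}
IGP_LABELS = {"197.26.15.1": 41}      # ingress PE: IGP label toward the BGP next hop
P_LFIB = {41: "POP"}                  # P router: implicit-null, pop the IGP label
EGRESS_LFIB = {28: ("VPN-A", "149.27.2.0/24")}  # egress PE: VPN label -> VRF, route


def import_update(vrfs, update):
    """Install the route only in VRFs whose import RT matches the update's RT."""
    for vrf in vrfs.values():
        if update["rt"] in vrf["import_rt"]:
            net = ipaddress.ip_network(update["prefix"])
            vrf["routes"][net] = (update["next_hop"], update["label"])


def ingress_forward(vrf, dst):
    """Longest match in one VRF's FIB; return the label stack (top first) or None."""
    addr = ipaddress.ip_address(dst)
    matches = [net for net in vrf["routes"] if addr in net]
    if not matches:
        return None                   # no route in this VPN: nothing is labelled
    best = max(matches, key=lambda net: net.prefixlen)
    next_hop, vpn_label = vrf["routes"][best]
    return [IGP_LABELS[next_hop], vpn_label]


def p_router(stack):
    """Act on the top (IGP) label only; the VPN label underneath is not examined."""
    action = P_LFIB[stack[0]]
    return stack[1:] if action == "POP" else [action] + stack[1:]


def egress_forward(stack):
    """The remaining VPN label selects the VRF and route toward the CE."""
    return EGRESS_LFIB[stack[0]]


def demo():
    vrfs = {"VPN-A": {"import_rt": {"VPN-A"}, "routes": {}},
            "VPN-B": {"import_rt": {"VPN-B"}, "routes": {}}}  # constructed second VPN
    import_update(vrfs, UPDATE)
    stack = ingress_forward(vrfs["VPN-A"], "149.27.2.27")
    after_php = p_router(stack)
    return (stack, after_php, egress_forward(after_php),
            ingress_forward(vrfs["VPN-B"], "149.27.2.27"))
```

`demo()` returns the stack imposed at the ingress PE, the stack after the penultimate hop, the VRF selected at egress, and the lookup result in the VRF that does not import RT=VPN-A, which is where the separation between VPNs comes from in this model.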
