© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Technology Introducing the MPLS VPN Routing Model
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Outline Overview MPLS VPN Routing Requirements What Is the MPLS VPN Routing Model? Existing Internet Routing Support Routing Tables on PE Routers Identifying End-to-End Routing Update Flow Route Distribution to CE Routers Summary
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Routing Requirements CE routers have to run standard IP routing software. PE routers have to support MPLS VPN services and IP routing. P routers have no VPN routes.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Routing: CE Router Perspective The CE routers run standard IP routing software and exchange routing updates with the PE router. –EBGP, OSPF, RIPv2, EIGRP, and static routes are supported. The PE router appears as another router in the C-network.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Routing: Overall Customer Perspective To the customer, the PE routers appear as core routers connected via a BGP backbone. The usual BGP and IGP design rules apply. The P routers are hidden from the customer.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Routing: P Router Perspective P routers do not participate in MPLS VPN routing and do not carry VPN routes. P routers run backbone IGP with the PE routers and exchange information about global subnetworks (core links and loopbacks).
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Routing: PE Router Perspective PE routers: Exchange VPN routes with CE routers via per-VPN routing protocols Exchange core routes with P routers and PE routers via core IGP Exchange VPNv4 routes with other PE routers via MP-IBGP sessions
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Support for Existing Internet Routing PE routers can run standard IPv4 BGP in the global routing table: PE routers exchange Internet routes with other PE routers. CE routers do not participate in Internet routing. P routers do not need to participate in Internet routing.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Routing Tables on PE Routers PE routers contain a number of routing tables: The global routing table contains core routes (filled with core IGP) and Internet routes (filled with IPv4 BGP). The VRF tables contains routes for sites of identical routing requirements from local (IPv4 VPN) and remote (VPNv4 via MP-BGP) CE routers.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v End-to-End Routing Update Flow PE routers receive IPv4 routing updates from CE routers and install them in the appropriate VRF table.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v PE routers export VPN routes from VRF tables into MP-BGP and propagate them as VPNv4 routes to other PE routers. End-to-End Routing Update Flow (Cont.)
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v End-to-End Routing Update Flow: MP-BGP Update An MP-BGP update contains these elements: VPNv4 address Extended communities (route targets, optionally SOO) Label used for VPN packet forwarding Any other BGP attribute (for example, AS path, local preference, MED, standard community)
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v The receiving PE router imports the incoming VPNv4 routes into the appropriate VRF based on route targets attached to the routes. The routes installed in the VRFs are propagated to the CE routers. End-to-End Routing Update Flow (Cont.)
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Route Distribution to CE Routers A route is installed in the site VRF if it matches the import route target attribute. Route distribution to CE sites is driven by the following: –Route targets –SOO attribute if defined
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v What Is Multi-VRF CE (VRF-Lite)? Multi-VRF CE (VRF-lite) is an application based on VRF implementation. –VRF-lite supports multiple overlapping and independent VRFs on the CE router. The CE router separates traffic between client networks using VRFs. There is no MPLS functionality on the CE router. –No label exchange between the CE and PE router. –No labeled packet flow between the CE and PE router. Any routing protocol supported by normal VRF can be used in a Multi-VRF CE implementation.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Summary In MPLS VPNs: –CE routers run standard protocols (static, RIPv2, OSPF, EIGRP, EBGP) to the PE routers. –PE routers provide the VPN routing and services via MP-BGP. –P routers do not participate in VPN routing, and only provide core IGP backbone routing to the PE routers. The PE router functions are extended to carry regular Internet routing via IPv4 BGP in addition to the MP-BGP.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Summary (Cont.) PE routers separate the global IPv4 BGP routing table from each unique customer VPNv4 MP-BGP routing table. The ingress PE router receives CE customer IPv4 updates and exports these IPv4 routes to other PE routers via MP- BGP. The egress PE router imports the VPNv4 routes and forwards them to the CE router as an IPv4 update. Route distribution to destination CE routers is determined by BGP communities using route targets and an optional SOO for loop detection.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v