© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Complex MPLS VPNs Introducing Overlapping VPNs
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Outline Overview Who Are the Participants in Overlapping VPNs? What Are Typical Overlapping VPN Usages? Overlapping VPN Routing Overlapping VPN Data Flow Configuring Overlapping VPNs Summary
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v CE routers participate in simple VPNs. Some CE routers participate in more than one simple VPN: –Here, A-Central talks to B-Central. Overlapping VPNs
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Typical Overlapping VPN Usages Companies where central sites participate in a corporate network and in an extranet A company with several security-conscious departments that exchange data between their servers
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Overlapping VPN Routing
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Overlapping VPN Data Flow
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Configure one VRF per set of sites with the same VPN membership per PE router. For every set of sites with the same VPN membership, use the same RD. Configure RTs based on the VPN membership of sites in each VRF. Overlapping VPNsConfiguration Tasks
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Configuring Overlapping VPN VRFs
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Summary Overlapping VPNs are used to provide connectivity between segments of two VPNs. There are two uses for overlapping VPNs: –Companies that use MPLS VPNs to implement both intranet and extranet services –Companies that might decide to limit visibility between departments Sites that participate in more than one (overlapping) VPN import and export routes with RTs from any VPN in which they participate. Sites cannot talk to each other if they belong to different VPNs. Overlapping VPN sites are configured with the required RTs based on the VPN membership.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v