© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.27-1 Integrating Internet Access with MPLS VPNs Implementing Separate Internet Access and VPN Services.

Презентация:



Advertisements
Похожие презентации
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Integrating Internet Access with MPLS VPNs Introducing Internet Access Models with MPLS VPNs.
Advertisements

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Integrating Internet Access with MPLS VPNs Implementing Internet Access as a Separate VPN.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Technology Introducing VPNs.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Complex MPLS VPNs Introducing Central Services VPNs.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Module Summary Advanced VRF features allow selective import or export of routes. Overlapping.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Complex MPLS VPNs Introducing Managed CE Router Service.
© 2005 Cisco Systems, Inc. All rights reserved. MPLS v Module Summary VPNs replace dedicated links with virtual point-to-point links on common infrastructure,
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Technology Introducing the MPLS VPN Routing Model.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Technology Categorizing VPNs.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Complex MPLS VPNs Introducing Overlapping VPNs.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Complex MPLS VPNs Using Advanced VRF Import and Export Features.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Implementation Configuring an MP-BGP Session Between PE Routers.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS Concepts Identifying MPLS Applications.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Implementation Configuring VRF Tables.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Module Summary Traffic engineering measures, models, and controls traffic The MPLS TE uses.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v Customer-to-Provider Connectivity with BGP Understanding Customer-to-Provider Connectivity.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v Route Selection Using Policy Controls Using Multihomed BGP Networks.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Implementation Configuring Small-Scale Routing Protocols Between PE and CE Routers.
© 2006 Cisco Systems, Inc. All rights reserved.ISCW v Implementation of Frame Mode MPLS MPLS VPN Technology.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v Module Summary Frame Relay functions at the lower two layers of the OSI reference model. Frame.
Транксрипт:

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Integrating Internet Access with MPLS VPNs Implementing Separate Internet Access and VPN Services

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Outline Overview Classical Internet Access for a VPN Customer Using Separate Subinterfaces Accessing the Internet from Every Customer Site Separate Internet Access Benefits and Limitations Summary

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Classical Internet Access for a VPN Customer

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Using Separate Subinterfaces Separate physical links for VPN and Internet traffic are sometimes not acceptable because of high cost. Subinterfaces could be used. –Over WAN links using Frame Relay or ATM encapsulation (including xDSL) –Over LAN links A tunnel interface could be used. –Over a VRF-aware tunnel, so that VPN traffic does not run over a global tunnel

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Example Configuration: Static Routes

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Example Configuration: Dynamic Routes

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Internet Access Through a Dedicated SubinterfaceTraffic Flow

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Every CE router needs two links (or subinterfaces) to its PE router. Using a separate link or links for Internet access will lead to a complex setup for this customer type. Internet Access at Every Customer Site

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Benefits: Well-known model Supports all customer requirements Allows all Internet services implementations, including a BGP session with the customer Drawbacks: This design model requires separate physical link or specific WAN encapsulation. PE routers must be able to perform Internet routing (and potentially carry full Internet routing). Wholesale Internet access or central firewall service cannot be implemented with this model. Benefits and Limitations of Separate Internet Access for the Service Provider

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Summary Classical Internet access for a VPN customer is based on a separated Internet access design model Separate subinterfaces can be used for implementing Internet access through global routing Internet access from every customer site can be supported but is often too complex or too expensive with classic Internet access. The main drawback of separate Internet access is that PE routers potentially carry full Internet routing table

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v