© 2007 Cisco Systems, Inc. All rights reserved.

SNPA v5.0—11-2

MPLS Layer 3 VPN BGP Allow-AS-In

  • The allow-AS-in command (`allowas-in`) is a simple trick to override the loop-prevention mechanism of external BGP.

MPLS Layer 3 VPN BGP AS Override
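
The sketch below is an added example, not taken from the original slides. It models the eBGP loop check that allow-AS-in relaxes on the receiving router and the AS_PATH rewrite that AS override performs on the PE instead. The AS numbers (65000 for the provider, 65001 for both customer sites) and all function names are assumptions made for illustration.

```python
# Added illustration; AS numbers are constructed (65000 = provider, 65001 = customer).
PROVIDER_AS, CUSTOMER_AS = 65000, 65001

def ebgp_accepts(as_path, local_as, allowas_in=0):
    """eBGP loop prevention on the receiver: reject an update whose AS_PATH
    contains the local AS more often than allowas-in permits (0 = never)."""
    return as_path.count(local_as) <= allowas_in

def pe_to_ce_path(vpn_path, ce_as, as_override=False):
    """AS_PATH a PE advertises to its CE for a route learned over the VPN.
    With AS override the PE rewrites the CE's own AS to the provider AS first."""
    if as_override:
        vpn_path = [PROVIDER_AS if asn == ce_as else asn for asn in vpn_path]
    return [PROVIDER_AS] + vpn_path

def site_to_site(allowas_in=0, as_override=False):
    """Route from customer site 1 as seen by the CE at site 2 (same customer AS).
    Returns (as_path_received, accepted)."""
    path = pe_to_ce_path([CUSTOMER_AS], CUSTOMER_AS, as_override)
    return path, ebgp_accepts(path, CUSTOMER_AS, allowas_in)

if __name__ == "__main__":
    print("default      ", site_to_site())
    print("allowas-in 1 ", site_to_site(allowas_in=1))
    print("as-override  ", site_to_site(as_override=True))
    # The occurrence limit still bounds what is accepted: two copies of the
    # local AS exceed allowas-in 1 and the update is dropped.
    print("two copies   ", ebgp_accepts([65000, 65001, 65000, 65001], 65001, 1))
```

Allow-AS-in weakens the loop check on the router that receives the route, while AS override leaves that check untouched and changes what the PE advertises.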

Red VRF:

  • Export RT 65000:1
  • Import RT 65000:101

Blue VRF:

  • Export RT 65000:2
  • Import RT 65000:101

Common VRF:

  • Export RT 65000:101
  • Import RT 65000:1
  • Import RT 65000:2

Company A: HQ_A site, A1, A2

Company B: HQ_B site, B1, B2

Requirements:

  • A1, A2 and the HQ_A site should communicate.
  • B1, B2 and the HQ_B site should communicate.
  • HQ_A and HQ_B should communicate.
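
A route-target plan like the Red/Blue/Common one above, or one meeting the Company A / Company B requirement, can be checked mechanically for unintended route leaking between VRFs. The following is an added example, not part of the original slides: the Red/Blue/Common RT values are the ones on the page, while the intended policy for them, the deliberately leaky variant, and the extranet RTs 65000:10, 65000:20 and 65000:100 are assumptions constructed for illustration.

```python
# Assumed model: a VRF learns another VRF's routes when one of its import RTs
# matches an export RT of that VRF; imported routes are not re-exported.

def vrf(export, imports):
    return {"export": set(export), "import": set(imports)}

def learns_from(vrfs):
    """Map each VRF to the set of VRFs whose routes it imports."""
    return {name: {other for other, o in vrfs.items()
                   if other != name and o["export"] & v["import"]}
            for name, v in vrfs.items()}

def audit(vrfs, allowed_pairs):
    """Return (unexpected, missing) sets of (importer, exporter) edges."""
    intended = set()
    for a, b in allowed_pairs:  # an allowed pair needs routes in both directions
        intended |= {(a, b), (b, a)}
    actual = {(i, e) for i, srcs in learns_from(vrfs).items() for e in srcs}
    return actual - intended, intended - actual

# RT values as given on the Red/Blue/Common slide; the policy is the assumed intent.
SHARED = {
    "Red":    vrf(["65000:1"],   ["65000:101"]),
    "Blue":   vrf(["65000:2"],   ["65000:101"]),
    "Common": vrf(["65000:101"], ["65000:1", "65000:2"]),
}
SHARED_POLICY = [("Red", "Common"), ("Blue", "Common")]

# Constructed misconfiguration: Blue additionally imports Red's export RT.
LEAKY = dict(SHARED, Blue=vrf(["65000:2"], ["65000:101", "65000:1"]))

# Constructed RT plan for the Company A / Company B requirement (placeholder RTs):
# 65000:10 = A intranet, 65000:20 = B intranet, 65000:100 = HQ-to-HQ extranet.
EXTRANET = {
    "A1":   vrf(["65000:10"], ["65000:10"]),
    "A2":   vrf(["65000:10"], ["65000:10"]),
    "HQ_A": vrf(["65000:10", "65000:100"], ["65000:10", "65000:100"]),
    "B1":   vrf(["65000:20"], ["65000:20"]),
    "B2":   vrf(["65000:20"], ["65000:20"]),
    "HQ_B": vrf(["65000:20", "65000:100"], ["65000:20", "65000:100"]),
}
EXTRANET_POLICY = [("A1", "A2"), ("A1", "HQ_A"), ("A2", "HQ_A"), ("HQ_A", "HQ_B"),
                   ("B1", "B2"), ("B1", "HQ_B"), ("B2", "HQ_B")]

if __name__ == "__main__":
    for name, plan, policy in [("shared", SHARED, SHARED_POLICY),
                               ("leaky", LEAKY, SHARED_POLICY),
                               ("extranet", EXTRANET, EXTRANET_POLICY)]:
        print(name, audit(plan, policy))
```

A single extra import RT shows up as a one-way edge (Blue learns Red's routes), which a check that only looks for two-way reachability would miss.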

MPLS L2VPN

Types of Layer 2 VPNs

  • Virtual Private Wire Service (VPWS): A VPWS is a VPN service that supplies an L2 point-to-point service. As this is a point-to-point service, there are very few scaling issues with the service as such. Scaling issues might arise from the number of end-points that can be supported on a particular PE.

  • Virtual Private LAN Service (VPLS): A VPLS is an L2 service that emulates LAN service across a Wide Area Network (WAN). With regard to the amount of state information that must be kept at the edges in order to support the forwarding function, it has the scaling characteristics of a LAN. Other scaling issues might arise from the number of end-points that can be supported on a particular PE.

MPLS Layer 2 VPN AToM – Ethernet to Ethernet

The figure shows a small MPLS backbone that consists of the PE1, P and PE2 routers. This ISP has only one customer, which has an HQ and a branch. The customer wants the HQ and branch routers to be in the same Layer 2 segment.

MPLS Layer 2 VPN AToM - PPP to PPP

Virtual Private LAN Service (VPLS)

  • VPLS is a broadcast service, which means that the MPLS network emulates a Layer 2 switch.
  • It allows a multipoint Ethernet network to be tunneled over MPLS. Several network devices can be connected into one broadcast domain as if they were connected to one local area network.
  • VPLS is hardware-specific and is only supported on Cisco carrier-grade devices that run IOS-XR.
  • Virtual Private LAN Service, or VPLS, is an Ethernet-based point-to-multipoint Layer 2 VPN. It allows a service provider to connect geographically spread LAN networks to each other over its MPLS core. For a customer who uses a VPLS service from a provider, all these sites appear as part of the same Ethernet LAN. In fact, many service providers call their Layer 2 MPLS VPN an Enterprise Virtual Private LAN service.
  • VPLS uses a Virtual Forwarding Instance (VFI) to host all of the pseudowires for a particular service. PEs can have more than one VFI, essentially one per VPLS instance they are servicing. Note that some Cisco platforms refer to the VFI as a VSI, so these terms may be used interchangeably in some documentation.
  • In VPLS, data from a customer is first sent to the CE router and then to the PE router connected to it. The packet then traverses the MPLS core over an MPLS LSP and arrives at the egress node. From there it is sent to its destination via the CE router at the destination.
  • Layer 2 VPNs have had two different methods for signaling: the LDP-based method from Cisco, which is simpler and more commonly implemented, and the BGP-signaled method from Juniper, which is complex but supports auto-discovery of new PEs.

Traffic Engineering with MPLS

  • Traffic can be forwarded based on other parameters (QoS, source, ...).
  • Load sharing across unequal paths can be achieved.

[Figure: Large Site A, Large Site B and Small Site C, with a primary OC-192 link and a secondary OC-48 link]

MPLS v1.0—2-40

© 2001, Cisco Systems, Inc.

Overview - TE

  • A complete picture of the network state must be available, including the properties and attributes of each interface (link constraints). The remaining bandwidth of an interface is important, not only its total bandwidth.
  • This additional information must be carried by the routing protocol. Only link-state routing protocols (OSPF/IS-IS) can do this.
  • The path decision is then made from this information. The algorithm used for this is "Constraint Based SPF (CB-SPF)" or "Path Calculation Algorithm (PCAL)". In normal SPF, the decision is based on metric only. In CB-SPF, it is metric plus link constraints.
  • To ensure that the selected best path is available, all devices in the path are warned in advance to reserve the required bandwidth using RSVP.
  • Finally, traffic is placed into a particular tunnel, either manually or automatically.
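
The difference between normal SPF and CB-SPF described above comes down to one pruning step before the shortest-path run. The following sketch is an added example, not taken from the original slides: the three-node topology, metrics and tunnel demands are constructed (loosely following the OC-192/OC-48 figure), and `reserve` only stands in for what RSVP signaling achieves.

```python
import heapq

def cspf(links, src, dst, demand):
    """Constraint-based SPF: lowest-metric path that uses only links whose
    remaining bandwidth covers the demand. Returns (cost, path) or None."""
    adj = {}
    for (a, b), (metric, remaining) in links.items():
        if remaining >= demand:              # constraint: prune links that are too full
            adj.setdefault(a, []).append((b, metric))
            adj.setdefault(b, []).append((a, metric))
    heap, done = [(0, src, [src])], set()
    while heap:                              # ordinary SPF (Dijkstra) on what is left
        cost, node, path = heapq.heappop(heap)
        if node == dst:
            return cost, path
        if node in done:
            continue
        done.add(node)
        for nxt, metric in adj.get(node, []):
            if nxt not in done:
                heapq.heappush(heap, (cost + metric, nxt, path + [nxt]))
    return None

def reserve(links, path, demand):
    """Stand-in for the RSVP reservation: take the demand off every hop."""
    for a, b in zip(path, path[1:]):
        key = (a, b) if (a, b) in links else (b, a)
        metric, remaining = links[key]
        links[key] = (metric, remaining - demand)

def place_tunnels(links, demands):
    """Place tunnels in order; each reservation changes what later ones see."""
    links, placed = dict(links), []
    for src, dst, demand in demands:
        found = cspf(links, src, dst, demand)
        if found:
            reserve(links, found[1], demand)
        placed.append(found)
    return placed

# Constructed topology: (metric, remaining Mbps). OC-192 ~ 9953, OC-48 ~ 2488.
LINKS = {("A", "B"): (10, 9953), ("A", "C"): (10, 2488), ("C", "B"): (10, 2488)}

if __name__ == "__main__":
    print(place_tunnels(LINKS, [("A", "B", 8000), ("A", "B", 2000), ("A", "B", 3000)]))
```

The second tunnel is pushed onto the longer A-C-B path because the direct link no longer has enough remaining bandwidth, and the third finds no path at all.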
