Scribd
Upload
52 views26 pages

2-ODX302004 CX600 Products BGP MPLS VPN Features ISSUE 1.01

Uploaded by

Gonzalo Gabriel Soñez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
52 views26 pages

2-ODX302004 CX600 Products BGP MPLS VPN Features ISSUE 1.01

Uploaded by

Gonzalo Gabriel Soñez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 26

CX600 Products

BGP MPLS VPN


Features
www.huawei.com

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved.


Foreword
 This course introduces the basic architecture of BGP MPLS
VPN. It specifies the mechanisms of implementation on the
control plane and data plane and discusses the technical
terminologies referred to them.

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page3
Objectives
 Upon completion of this course, you will be able to:
 Understand the model of BGP MPLS VPN

 Understand the basic concepts referred to BGP MPLS VPN

 Understand the mechanisms of the route and label distribution


in BGP MPLS VPN

 Understand the process of data forwarding in BGP MPLS VPN

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page4
VPN Introduction

Virtual Private Network

Overlay VPN Peer-to-Peer VPN

L2 VPN L3 VPN

FR ATM GRE IPSec MPLS VPN

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page5
BGP MPLS VPN Network Architecture
VPNA VPNA
CE
CE
PE P P PE

VPNB VPNB
CE CE

CE PE P P PE
CE
VPNA VPNA

CE
MPLS Domain CE
VPNB VPNB

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page6
BGP MPLS VPN Basic Principles
 VPN Route Distribution
 PEs Learn Routes from CEs

 Route Distribution Among PEs

 CEs Learn Routes from PEs

 Label Distribution
 Tunnel Label Distribution

 VPN Route Label Distribution

 VPN Data Forwarding


 Push on two labels

 Tunnel label guide the packet tunneled to the BGP next hop

 VPN route Label determine the packet forwarded to a CE device

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page7
VPNs with Overlapping Address Spaces
 HQs of Company A and Company B attached to PEA have
overlapping address spaces
10.1.5.0/24 10.1.6.0/24
CEA CEB
HQ of Branch of
Company A Company A

VPNA PEA P PEB VPNA


S3 S3 S0 S0

.1 .2 .5 .6
11.11.11.0/30 11.11.11.4/30
10.1.5.0/24 10.1.8.0/24
MPLS Domain
HQ of Branch of
Company B Company B

CEC CED
VPNB VPNB

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page8
VRF: VPN Routing and Forwarding
Table
VRF for SiteA
Public
PEA routing
10.1.5.0/24 table 10.1.6.0/24
CEA VRF for SiteC CEB
HQ of Branch of
Company A Company A
(SiteA) (SiteB)
L0:1.1.1.1 L0:2.2.2.2 L0:3.3.3.3
VPNA
VPNA PEA P PEB
S3 S3 S0 S0

.1 .2 .5 .6
11.11.11.0/30 11.11.11.4/30
10.1.5.0/24 10.1.8.0/24
MPLS Domain
HQ of Branch of
Company B Company B
(SiteC) (SiteD)

CEC CED VPNB


VPNB

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page9
Binding an Interface with the VPN
Instance
 VRF is also called VPN-instance

VPN-
PE Interface Site
instance

PEA vpna S2 SiteA(HQ of Company A)

S3 SiteX(Other branch of
Company A)

vpnb S1 SiteC(HQ of Company B)

PEB vpna S1 SiteB(Branch of Company A)

vpnb S3 SiteD(Branch of Company B)

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page10
PEA VRF for SiteA (HQ of
Company A)
[PEA]display ip routing-table vpn-instance vpna
Routing Tables: vpna
Destinations : 7 Routes : 7

Destination/Mask Proto Pre Cost NextHop Interface

10.1.1.0/30 Direct 0 0 10.1.1.1 Serial2


10.1.1.1/32 Direct 0 0 127.0.0.1 InLoopBack0
10.1.1.2/32 Direct 0 0 10.1.1.2 Serial2
10.1.2.0/30 BGP 255 0 3.3.3.3 -----
10.1.2.2/32 BGP 255 0 3.3.3.3 -----
10.1.5.0/24 BGP 255 0 10.1.1.2 Serial2
10.1.6.0/24 BGP 255 0 3.3.3.3 -----

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page11
PEA VRF for SiteC (HQ of
Company B)
[PEA]display ip routing-table vpn-instance vpnb
Routing Tables: vpnb
Destinations : 7 Routes : 7

Destination/Mask Proto Pre Cost NextHop Interface

10.1.3.0/30 Direct 0 0 10.1.3.1 Serial1


10.1.3.1/32 Direct 0 0 127.0.0.1 InLoopBack0
10.1.3.2/32 Direct 0 0 10.1.3.2 Serial1
10.1.4.0/30 BGP 255 0 3.3.3.3 -----
10.1.4.2/32 BGP 255 0 3.3.3.3 -----
10.1.5.0/24 BGP 255 0 10.1.3.2 Serial1
10.1.8.0/24 BGP 255 0 3.3.3.3 -----

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page12
PEA Public Routing Table
<PEA>display ip routing-table
Routing Tables: Public
Destinations : 9 Routes : 9

Destination/Mask Proto Pre Cost NextHop Interface

1.1.1.1/32 Direct 0 0 127.0.0.1 InLoopBack0


2.2.2.2/32 OSPF 10 1563 11.11.11.2 Serial3
3.3.3.3/32 OSPF 10 3125 11.11.11.2 Serial3
11.11.11.0/30 Direct 0 0 11.11.11.1 Serial3
11.11.11.1/32 Direct 0 0 127.0.0.1 InLoopBack0
11.11.11.2/32 Direct 0 0 11.11.11.2 Serial3
11.11.11.4/30 OSPF 10 3124 11.11.11.2 Serial3
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoopBack0

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page13
VPN Route Distribution via BGP
 PE routers use MP-BGP to distribute VPN routes to each
other
10.1.5.0/24 10.1.6.0/24
CEA CEB
HQ of Branch of
Company A VPNv4 Address Company A

VPNA VPNA
PEA P PEB
S3 S3 S0 S0

.1 .2 .5 .6
11.11.11.0/30 11.11.11.4/30
10.1.5.0/24 10.1.8.0/24
MPLS Domain
HQ of Branch of
Company B Company B

VPNB
CEC CED VPNB

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page14
RD:Route Distinguisher
 RD:Route Distinguisher
 64bits prefix

 VPNv4 Address
 Consist of a 64-bit RD followed by a 32-bit IPv4
address

 RD unique makes VPNv4 address distinct

VPNv4 Address = Route Distinguisher + IPv4 Address

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page15
Route Distribution among VRFs
between PEs
 CEA belongs to VPNA as well as VPNC
VPNC
10.1.5.0/24 10.1.9.0/24 10.1.6.0/24
CEA CEE Company C CEB
HQ of Branch of
Company A (SiteE)
Company A
(SiteA) (SiteB)

VPNA VPNA
PEA P PEB
VPNC S3 S3 S0 S0

.1 .2 .5 .6
11.11.11.0/30 11.11.11.4/30
10.1.5.0/24 10.1.8.0/24
MPLS Domain
HQ of Branch of
Company B Company B
(SiteC) (SiteD)

CEC CED VPNB


VPNB

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page16
PEA VRF for SiteA (HQ of
Company A)
[PEA]display ip routing-table vpn-instance vpna
Routing Tables: vpna
Destinations : 11 Routes : 11

Destination/Mask Proto Pre Cost NextHop Interface

10.1.1.0/30 Direct 0 0 10.1.1.1 Serial2


10.1.1.1/32 Direct 0 0 127.0.0.1 InLoopBack0
10.1.1.2/32 Direct 0 0 10.1.1.2 Serial2
10.1.2.0/30 BGP 255 0 3.3.3.3 -----
10.1.2.2/32 BGP 255 0 3.3.3.3 -----
10.1.5.0/24 BGP 255 0 10.1.1.2 Serial2
10.1.5.0/30 BGP 255 0 10.1.5.1 Serial0
10.1.5.1/32 BGP 255 0 127.0.0.1 InLoopBack0
10.1.5.2/32 BGP 255 0 10.1.5.2 Serial0
10.1.6.0/24 BGP 255 0 3.3.3.3 -----
10.1.9.0/24 BGP 255 0 10.1.5.2 Serial0

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page17
PEA VRF for SiteE (Company C)

[PEA]display ip routing-table vpn-instance vpnc


Routing Tables: vpnc
Destinations : 8 Routes : 8

Destination/Mask Proto Pre Cost NextHop Interface

10.1.1.0/30 BGP 255 0 10.1.1.1 Serial2


10.1.1.1/32 BGP 255 0 127.0.0.1 InLoopBack0
10.1.1.2/32 BGP 255 0 10.1.1.2 Serial2
10.1.5.0/24 BGP 255 0 10.1.1.2 Serial2
10.1.5.0/30 Direct 0 0 10.1.5.1 Serial0
10.1.5.1/32 Direct 0 0 127.0.0.1 InLoopBack0
10.1.5.2/32 Direct 0 0 10.1.5.2 Serial0
10.1.9.0/24 BGP 255 0 10.1.5.2 Serial0

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page18
PEA VRF for SiteC (HQ of
Company B)
<PEA>display ip routing-table vpn-instance vpnb
Routing Tables: vpnb
Destinations : 7 Routes : 7

Destination/Mask Proto Pre Cost NextHop Interface

10.1.3.0/30 Direct 0 0 10.1.3.1 Serial1


10.1.3.1/32 Direct 0 0 127.0.0.1 InLoopBack0
10.1.3.2/32 Direct 0 0 10.1.3.2 Serial1
10.1.4.0/30 BGP 255 0 3.3.3.3 -----
10.1.4.2/32 BGP 255 0 3.3.3.3 -----
10.1.5.0/24 BGP 255 0 10.1.3.2 Serial1
10.1.8.0/24 BGP 255 0 3.3.3.3 -----

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page19
Route Target
 Route Targets are extended route attributes
 Export Route Target

 Import Route Target

VPN- Export Route Import Route


PE
instance Target Target

PEA vpna 100:1 100:1

300:1 300:1

vpnb 200:1 200:1

vpnc 300:1 300:1

PEB vpna 100:1 100:1

vpnb 200:1 200:1

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page20
How PEs Learn Routes from CEs

10.1.5.0/24
CEA
HQ of
The possible PE/CE Company A
(SiteA)
distribution techniques
are: VPNA PEA
BGP
OSPF
IS-IS
10.1.5.0/24 MPLS Domain
RIPv2
HQ of
Static
Company B
(SiteC)

CEC
VPNB

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page21
Route Distribution by MP-BGP
&VPN Route Label Distribution
10.1.5.0/24 10.1.6.0/24
CEA CEB
HQ of Branch of
Company A BGP,OSPF,RIPv2 Company A
(SiteA) update for
(SiteB)
10.1.5.0/24,NH=CEA

VPNA PEA P PEB VPNA

MPLS Domain
VPNv4 Update
100:1:10.1.5.0/24(RD100:1+IPv4)
NH=PEA
SOO=SiteA RT=100:1
Label=15362

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page22
Populating the VRFs

10.1.5.0/24 10.1.6.0/24
CEA CEB
HQ of Branch of
Company A BGP,OSPF,RIPv2 Company A
update for (SiteB)
(SiteA)
10.1.5.0/24,NH=CEA

VPNA PEA P PEB VPNA

The VPNv4 routes are


converted back into IPv4
routes, and “imported” into
one or more VRFs according
MPLS Domain
to the import RTs of Local
VPNV4 Update VRFs. VPN route label is
100:1:10.1.5.0/24(RD100:1+IPv4)
preserved and will be
NH=PEA
assigned when there is an IP
SOO=SiteA RT=100:1
Label=15362 packet forwarded. The PE
may distribute the routes to
the CE.

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page23
Tunnel Label Distribution

10.1.5.0/24 10.1.6.0/24
CEA Use label CEB
Use label 3
HQ of 1024 for Branch of
for 1.1.1.1/32
Company A 1.1.1.1/32 Company A

L0:1.1.1.1 L0:2.2.2.2 L0:3.3.3.3


VPNA PEA P PEB VPNA
S3 S3 S0 S0

.1 .2 .5 .6
11.11.11.0/30 11.11.11.4/30

MPLS Domain

FEC In/Out Label FEC In/Out Label FEC In/Out Label


1.1.1.1/32 3/NULL 1.1.1.1/32 1024/3 1.1.1.1/32 NULL/1024

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page24
VPN Data Forwarding

10.1.5.0/24 10.1.6.0/24
CEA CEB
HQ of 15362 10.1.5.1 1024
3 15362 10.1.5.1 1024 15362 10.1.5.1 Branch of
Company A Company A

L0:1.1.1.1 L0:2.2.2.2 L0:3.3.3.3


VPNA PEA P PEB VPNA
S3 S3 S0 S0

.1 .2 .5 .6
11.11.11.0/30 11.11.11.4/30

MPLS Domain

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page25
Summary

 What is VRF? Which kind of routes does


VRF maintain?

 What are the functions of RD and RT?

 State the process of routes distribution


of BGP MPLS VPN in brief

 State the process of VPN data


forwarding of BGP MPLS VPN in brief

Copyright © 2009 Huawei Technologies Co., Ltd. All rights reserved. Page26
Thank you
www.huawei.com

You might also like