Friday, March 23, 2012

BGP for VPN signaling

A layer-2 solution, typically, would require simpler PE routers, and without the requirement of having BGP peering sessions set up between the PEs. For service providers who don't rely on BGP or are unwilling to deploy BGP for the new VPN service to avoid the complexity, the layer-2 solution might be more attractive. Use of BGP for VPN signaling between the PEs remains as an option1 to the provider, in case they already have BGP deployed and would like to take advantage of it. As in the layer-3 case, LSPs between the PEs have to be set up for carrying traffic from one PE to the other. Service Provisioning For a layer-3 solution, service provisioning would clearly require designing routing for the specific VPN topology requested by the customer. This means designing the VRFs that are going to contain the customer routes, and deciding on how RDs and Route Target communities are going to be assigned. Note that the service provider has to decide whether a VRF should be shared by multiple customer facing interfaces, or whether a VRF should collect routes from multiple VPNs as in the case of overlapping VPNs. Also, RDs and Route Target communities need to be allocated for the VPN(s) to be provisioned. Then, the PE routers connected to the customer sites that make the VPN need to be configured for the required VRFs, RDs, Route Targets, and any additional options that might be needed for certain topologies. Peering between the PE routers and the customer's CE routers needs to be set up in order to allow the route exchange required for the operation of layer-3 VPNs.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.