Multi-Role Host; Hovpn - HP HSR6800 Configuration Manual

Multi-role host

The VPN attributes of the packets forwarded from a CE to a PE depend on the VPN instance bound
to the inbound interface. Therefore, all CEs whose packets are forwarded through the same inbound
interface of a PE must belong to the same VPN.
In a real network, however, a CE may need to access multiple VPNs through a single physical
interface. In this case, you can set multiple logical interfaces to meet the requirement. But this needs
extra configurations and brings limitations to the application.
The multi-role host feature is a better solution for a CE to access multiple VPNs. To use this feature,
perform the following configurations on the PE connecting that CE:
•
Bind the interface connected to the CE to a VPN.
•
Configure policy-based routing to allow the PE to route the packets from the CE first through the
routing table of the bound VPN and then if no matching route exists, through the routing table of
another VPN. This makes sure that the CE can access not only the bound VPN but also other
VPNs.
•
Configure static routes for the VPNs other than the bound VPN, with the CE as the next hop, so
the PE can forward the packets from these VPNs back to the CE.
IMPORTANT:
The IP addresses in all VPNs that the CE can access must not overlap.

HoVPN

In MPLS L3VPN solutions, PEs are the key devices, which provide the following functions:
•
User access. This means that the PEs must have a large amount of interfaces.
•
VPN route managing and advertising, and user packet processing, requiring that a PE must
have a large-capacity memory and high forwarding capability.
Most of the current network schemes use the typical hierarchical architecture. For example, the MAN
architecture contains typically three layers, namely, the core layer, distribution layer, and access
layer. From the core layer to the access layer, the performance requirements on the devices
decrease while the network expands.
MPLS L3VPN, on the contrary, is a plane model where performance requirements are the same for
all PEs. If a certain PE has limited performance or scalability, the performance or scalability of the
whole network is influenced.
Due to the difference, you are faced with the scalability problem when deploying PEs at any of the
three layers. Therefore, the plane model is not applicable to the large-scale VPN deployment.
To solve the scalability problem of the plane model, MPLS L3VPN must transition to the hierarchical
model.
In MPLS L3VPN, hierarchy of VPN (HoVPN) was proposed to meet that requirement. With HoVPN,
the PE functions can be distributed among multiple PEs, which take different roles for the same
functions and form a hierarchical architecture.
As in the typical hierarchical network model, HoVPN has different requirements on the devices at
different layers of the hierarchy.
252