3Com 8807 Configuration Manual page 530

530 C 49: BGP/MPLS VPN C
HAPTER
BGP/MPLS VPN Model
ONFIGURATION
BGP/MPLS VPN model
Figure 127 MPLS VPN model
VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1
site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1
PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE
CE CE CE CE CE
VPN2 VPN2 VPN2 VPN2 VPN2 VPN2 VPN2 VPN2 VPN2 VPN2 VPN2 VPN2 VPN2 VPN2 VPN2 VPN2
site 3 site 3 site 3 site 3 site 3 site 3 site 3 site 3 site 3 site 3 site 3 site 3 site 3 site 3 site 3 site 3
CE CE CE CE CE CE CE CE CE CE CE CE CE CE CE CE
As shown in Figure 127, MPLS VPN model contains three parts: CE, PE and P.
CE (Customer Edge) device: It is a composing part of the customer network,
■
which is usually connected with the service provider directly through an
interface. It may be a router or a switch which cannot sense the existence of
VPN.
PE (Provider Edge) router: It is the Provider Edge router, namely the edge device
■
of the provider network, which connects with your CE directly. In MPLS
network, PE router processes all the operations for VPN.PE needs to possess
MPLS basic forwarding capability.
P (Provider) router: It is the backbone router in the provider network, which is
■
not connected with CE directly. P router needs to possess MPLS basic
forwarding capability.
The classification of CE and PE mainly depends on the range for the management
of the provider and the customer, and CE and PE are the edges of the
management ranges.
Nested BGP/MPLS VPN model
In a basic BGP/MPLS VPN model, the PEs are in the network of the service provider
and are managed by the service provider.
When a VPN user wants to subdivide the VPN into multiple VPNs, the traditional
solution is to configure these VPNs directly on the PEs of the service provider. This
solution is easy to implement, but has the following disadvantages: the number of
the VPNs carried on PEs may increase rapidly; the operator may have to perform
more operations when required by a user to adjust the relation between the user's
internal VPNs. These disadvantages not only increase the network operating cost,
but also bring relevant management and security issues.
The nested VPN is a better solution. Its main idea is to transfer VPNv4 route
between PE and CE of common BGP MPLS/VPN such that user themselves can
Backbone network of Backbone network of
the service provider the service provider
P P P P P P P P P P P P P P P P P
P P P P P P P P P P P P P P P P P
PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE
P P P P P P P P P P P P P P P P P
PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE
PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE PE
site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1 site 1
CE CE CE CE CE CE CE CE CE CE CE CE CE CE CE CE CE
VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2 VPN 2
CE CE CE CE CE CE CE CE CE CE CE CE CE CE CE CE CE
site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2
VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1 VPN1
site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2 site 2
CE CE CE CE CE CE CE CE CE CE CE CE CE CE CE CE