Table of Contents
Advertisement
VPN Switching
VPN Switching Operation
The IP VPN feature for MPLS allows a Cisco IOS network to deploy scalable IP Layer 3 VPN backbone
services to multiple sites deployed on a shared infrastructure while also providing the same access or security
policies as a private network. VPN based on MPLS technology provides the benefits of routing isolation and
security, as well as simplified routing and better scalability.
Refer to the Cisco IOS software documentation for a conceptual MPLS VPN overview and configuration
details at this URL:
http://www.cisco.com/en/US/docs/ios/12_2/switch/configuration/guide/xcftagov_ps1835_TSD_Produc
ts_Configuration_Guide_Chapter.html
A typical MPLS VPN network topology is shown in
Figure 21-3
At the ingress PE, the PFC3B makes a forwarding decision based on the packet headers. The PFC3B
contains a table that maps VLANs to VPNs. In the Catalyst 6500 series switch architecture, all physical
ingress interfaces in the system are associated with a specific VPN. The PFC3B looks up the IP
destination address in the CEF table but only against prefixes that are in the specific VPN. (The table
entry points to a specific set of adjacencies and one is chosen as part of the load-balancing decision if
multiple parallel paths exist.)
The table entry contains the information on the Layer 2 header that the packet needs, as well as the
specific MPLS labels to be pushed onto the frame. The information to rewrite the packet goes back to
the ingress line card where it is rewritten and forwarded to the egress line interface.
VPN traffic is handled at the egress from the PE based upon the per-prefix labels or aggregate labels. If
per-prefix labels are used, then each VPN prefix has a unique label association; this allows the PE to
forward the packet to the final destination based upon a label lookup in the FIB.
The PFC3B allocates only one aggregate label per VRF.
Note
Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide, Release 12.2ZY
21-10
VPNs with Service Provider Backbone
VPN 1
Site 1
PE
CE
Chapter 21
Configuring Multiprotocol Label Switching
Figure
21-3.
Service provider
backbone
P
P
PE
P
P
VPN 2
Site 1
CE
PE
Site 2
CE
VPN 1
Site 2
CE
OL-11439-03
- Quick Links:
- Product Overview
Hide quick links:
Advertisement
Table of Contents
