Layer 3 MPLS VPNs

In the previous two tips, I discussed traditional VPNs and CPE-based VPNs utilizing IPsec and compared some of the features of each with MPLS VPNs. The remainder of the tips that I write will focus on MPLS exclusively. MPLS is often called a provider-provisioned VPN and can support both Layer 3 and Layer 2 VPNs over an IP backbone. This article focuses on the Layer 3 VPNs.

Layer 3 MPLS VPNs are based on RFC 2547 and 2547bis. RFC 2547 is an IETF informational document only and RFC 2547bis is an internet draft. Neither of the two RFCs is a standard; however, the majority of the L3 MPLS vendors use them.

The basic components of a Layer 3 VPN are the P, PE and CE routers. The PE router sits at the edge of the provider's network and provides the interface between the customer edge (CE) router and the MPLS backbone. MPLS routers in the core are called Provider (P) routers, and they interconnect the PE routers at the edge. The CE routers exchange their routing tables with the PE routers via standard routing protocols (RIP, OSPF, EIGRP and BGP).

The PE routers store the routing updates from each customer's CE router in a virtual router field or VRF. Each CE router has its own VRF on the PE. The customer then advertises all routes associated with that location to the PE. Once all the PE routers that connect to a particular customer have the customer's routing information in a VRF, the PE routers exchange information using multiprotocol BGP. These routes and the corresponding VRFs make up the customer VPN.
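The per-CE VRF model described above can be sketched as a small simulation with a check that no customer's routes end up in another customer's VRF. This is an added example, not code from the article; the `exchange` function is a simplified stand-in for the multiprotocol BGP exchange, and all class, function, customer and prefix names are assumptions made for illustration.

```python
class PE:
    """Provider-edge router: one VRF (private route table) per attached CE."""
    def __init__(self, name):
        self.name = name
        # CE name -> {"customer": str, "routes": {prefix: (next_hop, origin)}}
        self.vrfs = {}

    def attach_ce(self, ce, customer):
        self.vrfs[ce] = {"customer": customer, "routes": {}}

    def learn_from_ce(self, ce, prefixes):
        # The CE advertises its site's routes over the CE-PE adjacency.
        vrf = self.vrfs[ce]
        for prefix in prefixes:
            vrf["routes"][prefix] = (ce, vrf["customer"])

def exchange(pes):
    """Simplified PE-to-PE exchange: copy each CE-learned route into the
    other VRFs of the same customer, with the originating PE as next hop."""
    learned = [(pe.name, ce, vrf["customer"], prefix)
               for pe in pes for ce, vrf in pe.vrfs.items()
               for prefix, (nh, _) in vrf["routes"].items() if nh == ce]
    for src_pe, src_ce, customer, prefix in learned:
        for pe in pes:
            for ce, vrf in pe.vrfs.items():
                if ce != src_ce and vrf["customer"] == customer:
                    vrf["routes"].setdefault(prefix, (src_pe, customer))

def audit_isolation(pes):
    """Return (pe, ce, prefix) for every route whose origin customer differs
    from the customer that owns the VRF holding it (a cross-VPN leak)."""
    return [(pe.name, ce, prefix)
            for pe in pes for ce, vrf in pe.vrfs.items()
            for prefix, (_, origin) in vrf["routes"].items()
            if origin != vrf["customer"]]

def build_demo():
    # Constructed topology: two customers that both use 10.1.0.0/16.
    pe1, pe2 = PE("PE1"), PE("PE2")
    pe1.attach_ce("acme-atl", "acme")
    pe1.attach_ce("globex-atl", "globex")
    pe2.attach_ce("acme-nyc", "acme")
    pe2.attach_ce("globex-nyc", "globex")
    pe1.learn_from_ce("acme-atl", ["10.1.0.0/16"])
    pe1.learn_from_ce("globex-atl", ["10.1.0.0/16"])
    pe2.learn_from_ce("acme-nyc", ["10.2.0.0/16"])
    pe2.learn_from_ce("globex-nyc", ["192.168.5.0/24"])
    exchange([pe1, pe2])
    return pe1, pe2
```

Because each VRF is a separate table, the same prefix can exist once per customer on the same PE, and `audit_isolation` returns an empty list unless a route has been placed in a VRF belonging to a different customer.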

To the customer, from a routing perspective, the CE routers appear as if connected via a traditional VPN. The customer can view the routing table on the CE router and see routes to remote sites just as they would with a traditional VPN. However, there are none of the complexities associated with a traditional VPN, such as the hassle of managing complex PVC meshing and routing protocol adjacencies. The routing adjacencies formed are between the CE and PE, not CE to CE. The CE has one interface to the MPLS cloud, and the MPLS provides full or partial meshing between the customer CEs attached to the network. This is one of the true benefits of Layer 3 MPLS VPNs. The provider handles all of the meshing and can provide any-to-any connectivity over a multitude of interface types. Previously, if a customer wanted to mesh their remote locations, they had to purchase leased lines and build a mesh of PVCs. The routing architecture and propagation of routes were up to the customer; the provider only ensured connectivity. With Layer 3 MPLS VPNs, all that is required is the advertisement of the routes to the PE. The provider handles the rest.

Layer 3 MPLS VPNs provide any-to-any connectivity for a customer with distributed geographic locations. The connectivity to the MPLS cloud is interface-agnostic and does not require the customer to provision and manage complex PVC meshing. In addition, the routing architecture is simplified immensely as the customer only has to ensure that the CE routes are propagated to the PE router. The provider handles all the route propagation between the customer CE routers attached to the core. The only drawback to this solution is that the provider may not have the geographic footprint to reach all the customer locations. This can be cost-prohibitive if the customer has to purchase a local loop to the nearest PE router in the provider's POP. This is a limiting factor with MPLS deployment, especially for organizations that have international locations.

The next tip will discuss how multiprotocol BGP is used to propagate CE routes between PE routers, and how MPLS allows for customers with overlapping address space.


Robbie Harrell (CCIE#3873) is the National Practice Lead for Advanced Infrastructure Solutions for SBC Communications. He has over 10 years of experience providing strategic, business, and technical consulting services to clients. Robbie resides in Atlanta, and is a graduate of Clemson University. His background includes positions as a Principal Architect at International Network Services, Lucent, Frontway and Callisma.


This was first published in April 2004
