Upload File

© 2006 cisco systems, inc. all rights reserved. mpls v2.2—4-1 mpls vpn technology introducing...

  • Home
  • Documents
  • © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs
20
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

Upload: madalynn-blackman

Post on 15-Dec-2015

227 views

Category:

Documents


2 download

Report

Tags:

TRANSCRIPT

Page 1: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1

MPLS VPN Technology

Introducing VPNs

Page 2: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-2

Outline

• Overview

• Traditional Router-Based Network Connectivity

• Advantages of VPNs

• VPN Terminology

• What Are the VPN Implementation Models?

• What Are Overlay VPN Technologies?

• What Are Peer-to-Peer VPN Technologies?

• What Are the Benefits of VPNs?

• What Are the Drawbacks of VPNs?

• Summary

Page 3: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-3

Traditional Router-Based Networks

Traditional router-based networks connect customer sites through routers connected via dedicated point-to-point links.

Page 4: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-4

Virtual Private Networks

• VPNs replace dedicated point-to-point links with emulated point-to-point links sharing common infrastructure.

• Customers use VPNs primarily to reduce their operational costs.

Page 5: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-5

VPN Terminology

Page 6: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-6

VPN Terminology (Cont.)

Page 7: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-7

VPN Implementation Models

VPN services can be offered based on two major models:

• Overlay VPNs, in which the service provider provides virtual point-to-point links between customer sites

• Peer-to-peer VPNs, in which the service provider participates in the customer routing

Page 8: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-8

Overlay VPNs: Hub-and-Spoke Topology

Page 9: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-9

Overlay VPNs:Redundant Hub-and-Spoke Topology

Page 10: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-10

Overlay VPNs:Layer 2 Implementation

This is the traditional switched WAN solution:

• The service provider establishes Layer 2 virtual circuits between customer sites.

• The customer is responsible for all higher layers.

Page 11: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-11

Overlay VPNs:IP Tunneling

VPN is implemented with IP-over-IP tunnels:

• Tunnels are established with GRE or IPsec.

• GRE is simpler (and quicker); IPsec provides authentication and security.

Page 12: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-12

Overlay VPNs:Layer 2 Forwarding

• VPN is implemented with PPP-over-IP tunnels.

• VPN is usually used in access environments (dialup, digital subscriber line).

Page 13: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-13

Overlay VPNs:Layer 3 Routing

• The service provider infrastructure appears as point-to-point links to customer routes.

• Routing protocols run directly between customer routers.

• The service provider does not see customer routes and is responsible only for providing point-to-point transport of customer data.

Page 14: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-14

Peer-to-Peer VPNs:Implementation Techniques

Page 15: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-15

Peer-to-Peer VPNs:Packet Filters

Page 16: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-16

Peer-to-Peer VPNs:Controlled Route Distribution

Page 17: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-17

Benefits of VPN Implementations

• Overlay VPN:

– Well-known and easy to implement

– Service provider does not participate in customer routing

– Customer network and service provider network are well-isolated

• Peer-to-peer VPN:

– Guarantees optimum routing between customer sites

– Easier to provision an additional VPN

– Only sites provisioned, not links between them

Page 18: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-18

Drawbacks of VPN Implementations

• Overlay VPN:

– Implementing optimum routing requires a full mesh of virtual circuits.

– Virtual circuits have to be provisioned manually.

– Bandwidth must be provisioned on a site-to-site basis.

– Overlay VPNs always incur encapsulation overhead.

• Peer-to-peer VPN:

– The service provider participates in customer routing.

– The service provider becomes responsible for customer convergence.

– PE routers carry all routes from all customers.

– The service provider needs detailed IP routing knowledge.

Page 19: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-19

Summary

• Traditional router-based networks connect via dedicated point-to-point links.

• VPNs use emulated point-to-point links sharing a common infrastructure.

• The two major VPN models are overlay VPN and peer-to-peer VPN.

– Overlay VPNs use well-known technologies and are easy to implement.

– Overlay VPN virtual circuits must be provisioned manually.

– Peer-to-peer VPNs guarantee optimum routing between customer sites.

– Peer-to-peer VPNs require that the service provider participate in customer routing.

Page 20: © 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-20


Implementing MPLS VPNs over IP Tunnels...Implementing MPLS VPNs over IP Tunnels The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Network (L3VPN) services,

Configuring MPLS Layer 3 VPNs · 22-3 Cisco Nexus 7000 Series NX-OS MPLS Configuration Guide OL-23587-03 Chapter 22 Configuring MPLS Layer 3 VPNs Information About MPLS Layer 3 VPNs

MPLS based Virtual Private Networks€¦ · MPLS VPN Agenda •Introduction to VPNs •Where do Layer 2 and 3 VPNs fit? •Layer 3 MPLS VPNs VR and BGP Review BGP/MPLS VPN Architecture

MPLS VPN - utcluj.roftp.utcluj.ro/pub/users/dadarlat/retele_master/mpls-vpn/MPLS_VPN/... · MPLS VPN • MPLS VPNs are enhancement to MPLS • MPLS uses a virtual circuit (VC) across

MPLS Layer 2 VPNs Configuration Guide, Cisco IOS …MPLS Layer 2 VPNs Configuration Guide, Cisco IOS XE Release 3S First Published: November08,2011Last Modified: July30,2013Americas

Concepts and Operation of MPLS VPNs · Concepts and Operation of MPLS VPNs Francisco Bolanos [email protected] ... router • PE Router. part of the P-network and interfaces to CE

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—8-1 MPLS TE Overview Understanding MPLS TE Components

MPLS IP VPNs: Are You Ready to Migrate?

MPLS Layer 2 VPNs Functional and Performance … Layer 2 VPNs Functional and Performance Testing Sample Test Plans

Ethernet Services using BGP MPLS Based Ethernet VPNs (EVPN)

Implementing MPLS Layer 2 VPNs - cisco.com · Implementing MPLS Layer 2 VPNs ... infrastructure to provide a serviceable L2 interface to customers; specifically, to provide standard

MPLS VPNs and Security

Troubleshooting MPLS VPNs

MPLS VPN. MPLS/BGP VPNs Goals MPLS/BGP VPN Features Implementation Conclusions

Chapter 3 Configuring BGP/MPLS VPNs

Implementing MPLS Layer 3 VPNs

MPLS 2011 Public Interoperability Test Results - Isocore White Paper.pdf · MPLS 2011 Public Interoperability Test Results MPLS Transport Profile, Next-Gen Multicast VPNs MPLS Services

86-MPLS VPN 4-6 - TU WienMPLS VPN Basic VPNs • MPLS VPN Complex VPNs • MPLS VPN Configuration (Cisco) – CE-PE OSPF Routing – CE-PE Static Routing – CE-PE RIP Routing –

Introduction to MPLS-based VPNs - p2004ir.free.frp2004ir.free.fr/NE520-Networking_And_Internetworking/MPLS/MPLS-V… · Slide 2 Outline • Introduction • BGP/MPLS VPNs – Network

BGP/MPLS IP VPNs - archive.nanog.org · BGP-MPLS VPNs Goal: solve the scaling issues. Support thousands of VPNs, support VPNs with hundreds of sites per VPN, support overlapping address

Implementing MPLS Layer 3 VPNs on Cisco IOS XR Software · Implementing MPLS Layer 3 VPNs on Cisco IOS XR Software A Multiprotocol Label Switching (MPLS) Layer 3 Virtual Private Network

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—7-1 Integrating Internet Access with MPLS VPNs Implementing Internet Access as a Separate VPN

Multicast-VPN -- IP Multicast Support for MPLS VPNs

MPLS/BGP VPNs - · PDF file7 Provider-based VPNs using MPLS & BGP There are several related variants including •L2VPN – pseudowires •VPLS – dynamic L2VPN •L3VPN – RFC 4364

Troubleshooting MPLS VPNs · 476 Chapter 6: Troubleshooting Multiprotocol Label Switching Layer 3 VPNs These two MPLS VPN troubleshooting elements are discussed in the sections that

MPLS-based Layer 2 VPNs

RFC 2547bis: BGP/MPLS VPN Hierarchical and Recursive ... · BGP/MPLS VPNs, refer to the RFC 2547bis: BGP/MPLS VPN Fundamentals white paper. Perspective: BGP/MPLS VPNs Defined In traditional

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.26-1 Complex MPLS VPNs Introducing Central Services VPNs

Introduction to MPLS-based VPNs - Contenu du dossier p2004ir

MPLS/BGP VPNs - KTH

Deploying MPLS VPNs-2up

MPLS and VPNs

MPLS VPNs: Layer 2 or Layer 3? Understanding the Choicesup.xenya.si/sup/info/riverstone/Whitepapers/MPLS VP… ·  · 2003-04-29MPLS VPNs: Layer 2 or Layer 3? Understanding the Choice

Openstack Neutron & Interconnections with BGP/MPLS VPNs

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—1-1 MPLS Concepts Introducing Basic MPLS Concepts