Mp-bgp, Routing policy, Tunneling policy – H3C Technologies H3C SR8800 User Manual
Page 236: Mpls l3vpn packet forwarding
225
In other words, VPN target attributes define which sites can receive VPN-IPv4 routes, and from which sites
that a PE can receive routes.
Like RDs, VPN target attributes can be of three formats:
•
16-bit AS number:32-bit user-defined number. For example, 100:1.
•
32-bit IPv4 address:16-bit user-defined number. For example, 172.1.1.1:1.
•
32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536.
For example, 65536:1.
MP-BGP
Multiprotocol extensions for BGP-4 (MP-BGP) advertises VPN composition information and routes
between PEs. It is backward compatible and supports both traditional IPv4 address family and other
address families, such as VPN-IPv4 address family.
Using MP-BGP can guarantee that private routes of a VPN are advertised only in the VPN and implement
communications between MPLS VPN members.
Routing policy
In addition to the import and export extended communities for controlling VPN route advertisement, you
can also configure import and export routing policies to control the redistribution and advertisement of
VPN routes more precisely.
An import routing policy can further filter the routes that can be advertised to a VPN instance by using
the VPN target attribute of import target attribute. It can reject the routes selected by the communities in
the import target attribute. An export routing policy can reject the routes selected by the communities in
the export target attribute.
After a VPN instance is created, you can configure an import routing policy, an export routing policy, or
both as needed.
Tunneling policy
A tunneling policy is used to select the tunnel for the packets of a specific VPN instance to use.
After a VPN instance is created, you can optionally configure a tunneling policy for the VPN instance. By
default, only one tunnel is selected (no load balancing) in this order: LSP tunnel, CR-LSP tunnel. A
tunneling policy takes effect only within the local AS.
MPLS L3VPN packet forwarding
For basic MPLS L3VPN applications in a single AS, VPN packets are forwarded with the following layers
of labels:
•
Layer 1 labels—Outer labels, used for label switching inside the backbone. They indicate LSPs from
the local PEs to the remote PEs. Based on layer 1 labels, VPN packets can be label switched along
the LSPs to the remote PEs.
•
Layer 2 labels—Inner labels, used for forwarding packets from the remote PEs to the CEs. An inner
label indicates to which site, or more precisely, to which CE the packet should be sent. A PE finds
the interface for forwarding a packet according to the inner label.
If two sites (CEs) belong to the same VPN and are connected to the same PE, each CE only needs to know
how to reach the other CE.
The following takes
as an example to illustrate the VPN packet forwarding procedure.