Multi-vpn-instance ce, Background, How mce works – H3C Technologies H3C SR8800 User Manual

Page 254

Advertising
background image

243

Figure 72 Application of BGP AS number substitution

In

Figure 72

, both CE 1 and CE 2 use the AS number of 800. AS number substitution is enabled on PE

2 for CE 2. Before advertising updates received from CE 1 to CE 2, PE 2 finds that an AS number in the

AS_PATH is the same as that of CE 2 and hence substitutes its own AS number 100 for the AS number.
In this way, CE 2 can normally receive the routing information from CE 1.
AS number substitution also applies to a PE connecting multiple CEs through different interfaces, such as

PE 2 in

Figure 72

, which connects CE 2 and CE 3.

NOTE:

For a multi-homed CE, that is, a CE connected with multiple PEs, the BGP AS number substitution function
must be used in combination with the site-of-origin (SOO) function. Otherwise, routing loops may appear.

Multi-VPN-instance CE

Background

BGP/MPLS VPN transmits private network data through MPLS tunnels over the public network. However,

the traditional MPLS L3VPN architecture requires that each VPN instance exclusively use a CE to connect
with a PE, as shown in

Figure 55

.

For better services and higher security, a private network is usually divided into multiple VPNs to isolate

services. To meet these requirements, you can configure a CE for each VPN, which, apparently, will

increase users’ device expense and maintenance costs. Or, you can configure multiple VPNs to use the
same CE and the same routing table, which cannot ensure the data security.
Using the Multi-VPN-Instance CE (MCE) function, you can remove the contradiction of low cost and high

security in multi-VPN networks. MCE allows you to bind each VPN to a VLAN interface. The MCE creates

and maintains a separate routing table for each VPN. This separates the forwarding paths of packets of

different VPNs and, in conjunction with the PE, can correctly advertise the routes of each VPN to the peer
PE, ensuring the normal transmission of VPN packets over the public network.

How MCE works

The following uses

Figure 73

to describe how an MCE maintains the routing entries for multiple VPNs and

exchanges VPN routes with PEs.

Advertising
This manual is related to the following products:

H3C SR6600-X, H3C SR6600, H3C S12500 Series Switches, H3C S9500E Series Switches, H3C MSR 5600, H3C MSR 50, H3C MSR 3600, H3C MSR 30, H3C MSR 2600, H3C MSR 20-2X[40], H3C MSR 20-1X, H3C MSR 930, H3C MSR 900

Popular Brands
Popular manuals