Extranet networking scheme, Inter-as vpn – H3C Technologies H3C S6800 Series Switches User Manual
Page 180
167
After spoke sites exchange routes through the hub site, they can communicate with each other through
the hub site.
Extranet networking scheme
The extranet networking scheme allows specific resources in a VPN to be accessed by users not in the
VPN.
In this networking scheme, if a VPN instance needs to access a shared site, the export target attribute
and the import target attribute of the VPN instance must be contained in the import target attribute and
the export target attribute of the VPN instance of the shared site, respectively.
Figure 45 Network diagram for extranet networking scheme
As shown in
, route targets configured on PEs produce the following results:
•
PE 3 can receive VPN-IPv4 routes from PE 1 and PE 2.
•
PE 1 and PE 2 can receive VPN-IPv4 routes advertised by PE 3.
•
Site 1 and Site 3 of VPN 1 can communicate with each other, and Site 2 of VPN 2 and Site 3 of
VPN 1 can communicate with each other.
•
PE 3 advertises neither the VPN-IPv4 routes received from PE 1 to PE 2 nor the VPN-IPv4 routes
received from PE 2 to PE 1 (routes learned from an IBGP neighbor are not advertised to any other
IBGP neighbor). Therefore, Site 1 of VPN 1 and Site 2 of VPN 2 cannot communicate with each
other.
Inter-AS VPN
In an inter-AS VPN networking scenario, multiple sites of a VPN are connected to multiple ISPs in different
ASs, or to multiple ASs of an ISP.
The following inter-AS VPN solutions are available:
•
VRF-to-VRF connections between ASBRs—This solution is also called inter-AS option A.
•
EBGP redistribution of labeled VPN-IPv4 routes between ASBRs—ASBRs advertise VPN-IPv4 routes
to each other through MP-EBGP. This solution is also called inter-AS option B.
文件中找不到关系
ID 为 rId67 的图像部件。