2 basic concept of bgp/mpls vpn, 2 basic concept of bgp/mpls vpn -27 – PLANET XGS3-24042 User Manual
Page 673
81-27
the local VPN route to PE, and learn the remote VPN route from PE. CE and PE use BGP/IGP to exchange
route information or static routes.
PE will exchange VPN route information with other PEs via BGP after learning the local VPN route form CE. It
only maintains the VPN route directly connected with it rather than all VPN routes in the service provider
network.
P router only maintains routes to PE, without learning any VPN route information.
Then transmitting VPN traffic in the MPLS backbone network, the ingress PE serves as the Ingress LSR
(Label Switch Router), the egress PE the Egress LSR, and P router the Transit LSR.
81.1.2 Basic Concept of BGP/MPLS VPN
Site
“Site” is a concept usually mentioned when introducing VPN, which can be understood from the following
aspects:
Site is a set of IP systems with IP connectivity between each other. This connectivity is independent
of SP network.
The division of site is based on the topology of devices instead of devices’ location, although in most
cases, the devices in a site locate next to each other.
The devices in a site can belong to multiple VPN. In other words, a site can belong to multiple VPN;
Site connects to SP network via CE. One site can include multiple CE while a CE can only belong to
one site.
Multiple sites connected to the same SP network can be divided into different sets according to special
policies, which only allow intercommunication via the SP network to happen between the sites within the
same set. Such sets are VPN.
VRF
VRF (VPN Routing & Forwarding Instance), consisting of VPN IP route table and VPN IP forwarding table (the
forwarding table contains the MPLS encapsulation information), is the core entry of MPLS VPN packet
forwarding. Each VPN has its own independent VRF. The VRF address spaces of different VPN can overlap
with each other. A PE/P router in the MPLS VPN network usually contains multiple independent VRF.
Overlapping Address Space
VPN is a private network, which means each VPN manages its own address range independently. This range
is called Address Space.
The address spaces of different VPN may partially overlap with each other. For example, if VPN1 and VPN2
both use the segment of 10.110.10.0/24, there would be Overlapping Address Space.
VPN instance
In the MPLS VPN, the route isolation between different VPN is implemented via VPN instance.
PE creates and maintains a special VPN instance for every site directly connected to it. VPN site contains the
VPN membership and route rules of the corresponding site. If the customers of a site belong to more than one
VPN, then its VPN instance will contain the information of all those VPN.
To guarantee the data independency and security of VPN, each VPN instance on PE has its own independent