No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Configuration Guide - VPN

S1720, S2700, S5700, and S6720 V200R010C00

This document describes the VPN configuration procedures and provides configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Inter-AS VPN

Inter-AS VPN

The MPLS VPN solution serves an increasing number of users across many applications. A site at one geographical location often needs to connect to an ISP network at another geographical location. In this situation, for example, inter-AS issues may arise for operators who manage different metropolitan area networks (MANs) or backbone networks that span different autonomous systems (AS).

MPLS VPN architecture typically runs within an AS. Routes of any VPN can be flooded within the AS, but not to other ASs. To implement the exchange of VPN routes between different ASs, the inter-AS MPLS VPN model is used. The inter-AS MPLS VPN model is an extension to MPLS VPN framework. Route prefixes and labels can be advertised over links between different carrier networks through the inter-AS MPLS model.

RFC 4364 defines the following inter-AS VPN solutions:

  • Inter-Provider Backbones Option A: Autonomous system boundary routers (ASBRs) manage VPN routes for inter-AS VPNs through dedicated interfaces. This solution is also called VRF-to-VRF.

  • Inter-Provider Backbones Option B: ASBRs advertise labeled VPN-IPv4 routes to each other through MP-EBGP. This solution is also called EBGP redistribution of labeled VPN-IPv4 routes.

  • Inter-Provider Backbones Option C: PE devices advertise labeled VPN-IPv4 routes to each other through Multi-hop MP-EBGP. This solution is also called Multi-hop EBGP redistribution of labeled VPN-IPv4 routes.

Switches support only inter-AS VPN Option A.

Inter-Provider Backbones Option A

  • Introduction

    Option A is a basic BGP/MPLS IP VPN application in an inter-AS scenario. In this solution, ASBRs do not require extra configurations for inter-AS VPN or run MPLS. The ASBRs of two ASs are directly connected and function as PE devices of the ASs. Each ASBR considers the peer ASBR as its CE device and creates a VPN instance for each VPN. The ASBRs use EBGP to advertise IPv4 routes.

    Figure 3-13 shows a networking example of Inter-Provider Backbones Option A.

    Figure 3-13  Inter-Provider Backbones Option A

    In Figure 3-13, ASBR2 in AS200 is a CE of ASBR1 in AS 100, and ASBR1 is the CE of ASBR2. VPN LSP indicates a private tunnel and LSP indicates a public tunnel.

  • Route advertisement

    In Option A, PE and ASBR devices use MP-IBGP to exchange VPN-IPv4 routes. Two ASBRs run BGP, IGP multi-instance, or use static routes to exchange VPN information. EBGP is recommended for inter-AS route exchange.

    Figure 3-14 shows the process of Option A route advertisement.
    Figure 3-14  Route advertisement of Option A

    In Figure 3-14, the route destined for is advertised from CE1 to CE2. D is the destination address, NH is the next hop, and L1 and L2 are private labels. This figure does not show the advertisement of public IGP routes or the distribution of public network labels.

  • Packet forwarding

    Figure 3-15 shows a networking example of Option A packet forwarding.
    Figure 3-15  Packet forwarding of Option A

    In Figure 3-15, packets are forwarded over the LSPs, which serve as the public network tunnels. L1 and L2 are inner labels and Lx and Ly are outer tunnel labels.

  • Option A characteristics

    • Simplified configuration

      MPLS does not need to run between ASBRs and extra configuration is not required.

    • Low scalability

      • ASBRs need to manage all VPN routes and create VPN instances for each VPN.
      • ASBRs must reserve an interface for each inter-AS VPN since IP forwarding is performed between the ASBRs.
      • PE devices must have high performance.
      • Intermediate ASs must support the VPN service if a VPN spans multiple ASs. The configuration is complex and intermediate ASs are affected.

    Option A is applicable when the number of inter-AS VPNs is insignificant.

Updated: 2019-08-21

Document ID: EDOC1000141944

Views: 111822

Downloads: 588

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next