No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN

S1720, S2700, S5700, and S6720 V200R010C00

This document describes the VPN configuration procedures and provides configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Overview

Overview

Definition

A BGP/MPLS IP VPN is a Layer 3 virtual private network (L3VPN). It uses the Border Gateway Protocol (BGP) to advertise VPN routes and Multiprotocol Label Switching (MPLS) to forward VPN packets on backbone networks. The VPN carries Internet Protocol (IP) packets.

Figure 3-1 shows the BGP/MPLS IP VPN model.

Figure 3-1  BGP/MPLS IP VPN model

The BGP/MPLS IP VPN model consists of the following devices:

  • Customer edge (CE)

    A device deployed at the edge of a customer network that has interfaces directly connected to the service provider (SP) network. A CE device can be a router, a switch, or a host. CE devices generally do not detect VPNs or need to support MPLS.

  • Provider edge (PE)

    A device deployed at the edge of an SP network and directly connected to a CE device. On an MPLS network, PE devices process all VPN services and must have high performance.

  • Provider (P)

    A backbone device deployed on an SP network and not directly connected to CE devices. P devices only need to provide basic MPLS forwarding capabilities. P devices do not maintain VPN information.

SPs manage PE and P devices. Customers manage CE devices unless customers authorize SPs.

A PE device can connect to multiple CE devices. A CE device can connect to multiple PE devices of the same or different SPs.

Purpose

A traditional VPN establishes full-mesh tunnels or permanent virtual circuits (PVCs) between all sites to forward VPN data. This method makes it difficult to maintain and expand networks. When a new site is added to an established VPN, a network administrator must modify the configuration of all edge nodes connected to this site.

A BGP/MPLS IP VPN uses a peer model that enables SPs and customers to exchange routing information. SPs are responsible for forwarding customer data without customer participation. A BGP/MPLS IP VPN is more scalable and easier to manage than a traditional VPN. When a new site is added, a network administrator needs to modify the configuration of the edge nodes serving the new site.

A BGP/MPLS IP VPN allows overlapping address spaces and overlapping VPNs so that VPNs can be flexibly deployed and expanded. BGP/MPLS IP VPN supports MPLS QoS and MPLS Traffic Engineering (TE) and therefore BGP/MPLS IP VPN is an important approach for IP network carriers to provide value-added services. BGP/MPLS IP VPN is now widely used.

Translation
Download
Updated: 2019-08-21

Document ID: EDOC1000141944

Views: 109558

Downloads: 586

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next