No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


CLI-based Configuration Guide - VPN

AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R010

This document describes VPN features on the device and provides configuration procedures and configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
BGP/MPLS IP VPN Application

BGP/MPLS IP VPN Application

Service Overview

Figure 7-29 shows a typical networking diagram for a carrier. Site1 and Site2 represent two networks in different cities. The two networks may be networks for two branches of a company, or networks for municipal governments of the two cities. During communication between Site1 and Site2, data security must be ensured. The two networks must be separated from other networks and packets exchanged between the two networks must be transparently transmitted over the carrier's backbone network. BGP/MPLS VPN technology can meet such service requirements. VPN labels assigned using MP-BGP enable packets to enter the correct VPN site and MPLS enables packets to be transparently transmitted over tunnels on the carrier's backbone network.

Figure 7-29  BGP/MPLS IP VPN application

Networking Description

PE and P devices on the carrier's backbone network must be used to transmit routes and packets between Site1 and Site2 from the two networks to communicate. CE devices can be dual-homed to PE devices to ensure high network availability. Generally, a carrier deploys route reflectors (RRs) on the backbone network to reflect VPNv4 and VPNv6 routes.

Feature Deployment

In BGP/MPLS IP VPN networking, the following configurations must be performed:
  • Configure static routes between CE devices and PE devices or configure RIP, OSPF, IS-IS, or BGP on CEs and PEs for them to exchange routing information.

  • Configure MP-BGP peer relationships between all PE devices and RR1 and between all PE devices and RR2. Configure all PE devices as the clients of RR1 and RR2 and configure RR1 and RR2 to back up each other. These configurations ensure network reliability.

  • Configure MPLS and an IGP on PE and P devices and establish MPLS tunnels for traffic forwarding.

  • Adjust IGP costs of links to:
    • Ensure that the two links between CE1 and CE2 work in active/standby mode. If one link fails, traffic is switched to the other link for transmission.

    • Adjust the costs of links between RRs and the backbone network. Ensure that RRs are used only for route reflection, not for traffic forwarding.

  • Configure VPN FRR for services that have high requirements on real-time transmission to enhance network reliability.

Updated: 2019-08-07

Document ID: EDOC1100033725

Views: 151874

Downloads: 367

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Previous Next