No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Configuration Guide - VPN 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - VPN
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring a Basic BGP/MPLS IP VPN

Configuring a Basic BGP/MPLS IP VPN

A basic BGP/MPLS IP VPN applies to the scenario in which there is only one carrier or the backbone networks of multiple carriers belong to the same AS, and each device plays only one role, either PE, P, or CE. After a basic BGP/MPLS IP VPN is configured, different sites in a VPN can communicate with each other.

Usage Scenario

After a basic BGP/MPLS IP VPN is configured, the network can provide VPN services for users so that multiple private networks can communicate across the backbone network of the carrier. VPN routes are isolated from the public network routes on the backbone network, and the routes of VPN instances are isolated from each other.

On the network shown in Figure 5-2, the following functions need to be implemented:
  • Site1 can communicate with only Site3.

  • Site2 can communicate with only Site4.

  • The MPLS backbone network is unaware of the VPN routes in each site.

To meet the preceding requirements, configure a basic BGP/MPLS IP VPN by adding Site1 and Site3 to a VPN (VPN1) and Site2 and Site4 to another VPN (VPN2). CEs and other devices deployed at sites only advertise and receive VPN routes. They are unaware of the public network. Ps residing on the public network do not receive VPN routes. PEs manage VPN routes and public network routes separately. VPN data packets are transmitted transparently over tunnels between the sites within the same VPN. The devices on the public network do not know the contents of VPN data packets, ensuring VPN data security.
Figure 5-2 BGP/MPLS IP VPN

Pre-configuration Tasks

Before configuring a basic BGP/MPLS IP VPN, complete the following tasks:

  • Configure the routing policy to control the route receiving and sending of the VPN instance IPv4 address family if needed.

  • Configure an IGP on the PEs and Ps of the MPLS backbone network to ensure IP connectivity on the backbone network.

  • Establish non-LDP LSP tunnels based on tunnel policies or LDP LSPs on the MPLS backbone network.

  • Configure IP addresses on interfaces that connect CEs to PEs.

Configuration Procedures

Figure 5-3 Flowchart for configuring a basic BGP/MPLS IP VPN
Updated: 2019-01-14

Document ID: EDOC1100058925

Views: 36444

Downloads: 61

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next