No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Feature Description - VPN 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Feature Description - VPN
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Tunnel Policy

Tunnel Policy

A tunnel policy determines which tunnel can be selected for an application.

VPN service forwarding requires tunnels. By default, LSPs are selected for VPN services, multiple LDP LSPs can implement load balancing. If only BGP LSPs exist on a network, only one is selected for VPN services, and load balancing cannot be implemented. If non-LDP LSPs or non-BGP LSPs are needed for VPN service transmission or multiple BGP LSPs or TE tunnels are needed for load balancing, a tunnel policy must be applied to the VPN service.

Tunnel policies can be categorized as either tunnel type prioritizing policies or tunnel binding policies. The two types of tunnel policies are mutually exclusive.

Tunnel Type Prioritizing Policy

In a tunnel type prioritizing policy, you can specify the sequence in which each type of tunnel is selected and the number of tunnels participating in load balancing. This type of policy applies only to traditional LSPs, GRE, and CR-LSPs.

Tunnels defined in a tunnel type prioritizing policy are selected in sequence. The tunnel type specified first is selected provided that; if the tunnel of this type is Up, no matter whether the tunnel of this type is selected by other services. Generally, the tunnel type specified later is not selected except when load balancing is required or when the preceding tunnels are all Down.

For example, if both the CR-LSPs and traditional LSPs are defined in a tunnel type prioritizing policy (with the CR-LSPs being defined first), and the number of tunnels participating in load balancing defined in the tunnel policy is three, tunnels are selected based on the following rules:

  • CR-LSPs are preferred provided that; if they are Up. If the number of CR-LSPs in the Up state is greater than or equal to three, the first three CR-LSPs are selected. If the number of CR-LSPs is less than three, traditional LSPs are selected.

  • If there are many available traditional LSPs and one CR-LSP has already been selected, at most two traditional LSPs can be selected. If no or only one traditional LSP is available, tunnels are selected based on the default tunnel selection policy.

NOTE:
  • If no tunnel policy is configured for an application or the tunnel policy to be configured has not been created yet, the system selects an available LSP. If no available LSP exists, a local IFNET tunnel is selected.

  • If a protection group is configured for CR-LSPs, the protection CR-LSP cannot be selected. In other words, the tunnel playing the protection role cannot be selected.

  • CR-LSPs include RSVP-TE tunnels and SR-TE tunnels. The tunnel that goes Up earlier has a higher priority.

  • LSPs include LDP LSPs, BGP LSPs, and SR-LSPs, whose priorities are in descending order. Specifically, if LSPs are used, LDP LSPs are preferentially selected for load balancing. If LDP LSPs are insufficient, the system searches the network for BGP LSPs. If BGP LSPs are insufficient, SR-LSPs are selected.

Tunnel Binding Policy

In a tunnel binding policy, you can bind one or more tunnels to one destination address. Then, VPN services referencing the policy will be transmitted over the bound tunnels. The system does not check whether the bound tunnel is a CR-LSP, but only the CR-LSP takes effect. Ensure that the tunnel binding policy is correctly configured. On the network shown in Figure 4-1, two MPLS TE tunnels (Tunnel1 and Tunnel2) are set up between PE1 and PE3.

Figure 4-1 Application of a tunnel binding policy

If you bind VPN A to Tunnel1 and VPN B to Tunnel2, VPN A and VPN B use separate MPLS TE tunnels. This means that Tunnel1 serves only VPN A and Tunnel2 serves only VPN B. In this manner, services of VPN A and VPN B are isolated from each other and also from other services. The bandwidth for VPN A and VPN B is therefore ensured. This facilitates later QoS deployment.

In tunnel binding, you can bind one or more CR-LSPs for one destination address to load-balance services. In addition, you can configure the down-switch attribute to enable other types of tunnels to be selected when the specified tunnels are unavailable, ensuring nonstop traffic forwarding.

A common tunnel binding policy selects common TE tunnels based on destination addresses and tunnel interface indexes. A tunnel binding policy observes the following tunnel selection rules:

  • If the tunnel binding policy does not designate any CR-LSPs for the destination IP address, an available tunnel is selected based on the default tunnel selection policy.

  • If the tunnel binding policy designates several CR-LSPs for the destination IP address and more than one designated CR-LSP is available, one of the available CR-LSPs is selected.

  • If the tunnel binding policy designates several CR-LSPs for the destination IP address but none of the designated CR-LSPs is available, tunnel selection is determined by the down-switch attribute. If the down-switch attribute is not configured, no tunnels are selected. If the down-switch attribute is configured, an available tunnel is selected based on the default tunnel selection policy.

Comparison of Tunnel Policies

Table 4-1 describes the differences between the two types of tunnel policies.
Table 4-1 Comparison of tunnel policies

Policy

Description

Tunnel type prioritizing policy

Cannot ensure which tunnel is selected if there are several tunnels of the same type.

Tunnel binding policy

Accurately defines which CR-LSP can be used, ensuring QoS. This type of policy applies only to CR-LSPs.

Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058940

Views: 13014

Downloads: 30

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next