No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN

CloudEngine 12800 and 12800E V200R005C10

This document describes the configurations of VPN, including GRE, BGP/MPLS IP VPN, BGP/MPLS IPv6 VPN, VLL, PWE3, and VPLS.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Hub and Spoke Networking Application

Hub and Spoke Networking Application

Service Overview

Financial enterprises such as banks can use Hub and Spoke networking to ensure the security of financial data. Hub and Spoke networking allows branches to exchange data only through the headquarters. In this manner, data transmitted between branches can be effectively supervised.

In Hub and Spoke networking, the site where the access control device is deployed (in this case, the headquarters) is called a Hub site. The other sites where branches are located are called Spoke sites. At the Hub site and the Spoke sites, a device that connects to the VPN backbone network is called a Hub-CE device or a Spoke-CE device, respectively. On the VPN backbone network, a device that connects to the Hub site is called a Hub-PE device, and a device that connects to a Spoke site is called a Spoke-PE device.

A Spoke site advertises routes to the Hub site. The Hub site then advertises the routes to other Spoke sites. Spoke sites do not advertise routes to each other. The Hub site controls communication between all the Spoke sites.

Networking Description

In Hub and Spoke networking, the following solutions can be used:

  • EBGP running between the Hub-CE and Hub-PE devices, and between Spoke-PE and Spoke-CE devices

  • IGP running between the Hub-CE and Hub-PE devices, and between Spoke-PE and Spoke-CE devices

  • EBGP running between the Hub-CE and Hub-PE devices, and IGP running between Spoke-PE and Spoke-CE devices

These solutions are described as follows:

  • EBGP running between the Hub-CE and Hub-PE devices, and between Spoke-PE and Spoke-CE devices

    As shown in Figure 2-27, a route advertised by a Spoke-CE device is forwarded to the Hub-CE and Hub-PE devices before being transmitted to other Spoke-PE devices. If EBGP runs between the Hub-PE and Hub-CE devices, the Hub-PE device performs an AS-Loop check on the route. If the Hub-PE device detects its own AS number in the route, it discards the route. To implement the Hub and Spoke networking, the Hub-PE device must be configured to allow repeated AS numbers.

    Figure 2-27 EBGP running between the Hub-CE and Hub-PE devices, and between Spoke-PE and Spoke-CE devices

  • IGP running between the Hub-CE and Hub-PE devices, and between Spoke-PE and Spoke-CE devices

    As shown in Figure 2-28, all PE and CE devices exchange routes using an IGP. Because IGP routes do not contain the AS_Path attribute, the AS_Path field of BGP VPNv4 routes is empty.

    Figure 2-28 IGP running between the Hub-CE and Hub-PE devices, and between Spoke-PE and Spoke-CE devices

  • EBGP running between the Hub-CE and Hub-PE devices, and IGP running between Spoke-PE and Spoke-CE devices

    As shown in Figure 2-29, the network topology is similar to that shown in Figure 2-27. The AS_Path attribute of the routes forwarded by the Hub-CE device to the Hub-PE device contains the AS number of the Hub-PE device. Therefore, the Hub-PE device must be configured to allow repeated AS numbers.

    Figure 2-29 EBGP running between the Hub-CE and Hub-PE devices, and IGP running between Spoke-PE and Spoke-CE devices

Translation
Download
Updated: 2019-04-03

Document ID: EDOC1100075353

Views: 14619

Downloads: 25

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next