3Com Switch 8800 Configuration Guide
Chapter 37 BGP/MPLS VPN Configuration
37-4
compatibility: It not only supports traditional IPv4 address family, but also supports
other address families, for example, VPN-IPv4 address family. MP-BGP ensures that
VPN private routes are only advertised within VPNs, as well as implementing
communication between MPLS VPN members.
3) VPN-IPv4
address
VPN is just a private network, so it can use the same IP address to indicate different
sites. But the IP address is supposed as unique when MP-BGP advertises CE routes
between PE routers, so routing errors may occur for the different meaning in two
systems. The solution is to switch IPv4 addresses to VPN-IPv4 address to generate
globally unique addresses before advertising them, so PE routers is required to support
MP-BGP.
A VPN-IPv4 address consists of 12 bytes, and the first eight bytes represent the RD
(Route Distinguisher), which are followed by a 4-byte IPv4 address. The service
providers can distribute RD independently. However, their special AS (Autonomous
System) number must be taken as a part of the RD. After being processed in this way,
even if the 4-byte IPv4 address contained in VPN-IPv4 address has been overlapped,
the VPN-IPv4 address can still maintain globally unique. RD is only used within the
carrier network to differentiate routes. When the RD is 0, a VPN-IPv4 address is just a
IPv4 address in general sense.
The route received by PE from CE is the IPv4 route that needs to be redistributed into
vpn-instance routing table, and in this case a RD needs to be added. It is recommended
that the same RD be configured for all routes from the same user site.
IV. VPN Target attribute
VPN Target attribute is one of the MBGP extension community attributes and is used to
limit VPN routing information advertisement. It identifies the set of sites that can use
some route, namely by which Sites this route can be received, and the PE router can
receive the route transmitted by which Sites. The PE routers connected with the site
specified in VPN Target can all receive the routes with this attribute.
For PE routers, there are two sets of VPN Target attributes: one of them, referred to as
Export Targets, is added to the route received from a direct-connect site in advertising
local routes to remote PE routers. And the other one, known as Import Targets, is used
to decide which routes can be imported into the routing table of this site in receiving
routes from remote PE routers.
When matching the VPN Target attribute carried by the route to filter the routing
information received by the PE router, if the export VPN target set of the received route
contains identical items with the import VPN target set of the local end, the route is
imported into the VPN routing table and then advertised to the connected CE .
Otherwise, the route will be rejected.