3-7
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 3 Configuring Remote Access to MPLS VPN
Access Technologies
RBE over ATM to MPLS VPN
The Cisco 10000 series router supports an ATM RBE to MPLS VPN connection. RBE is used to route
IP over bridged RFC 1483 Ethernet traffic from a stub-bridged LAN. The ATM connection appears like
a routed connection; however, the packets received on the interface are bridged IP packets. RBE looks
at the IP header of the packets arriving at an ATM interface and routes the packets instead of bridging
them.
In
Figure 3-4
, RBE is configured between the DSL router and the Cisco 10000 series router, acting as
the VHG/PE router.
Figure 3-4
DSL RBE to MPLS VPN Integration
The DSL router can be set up as a pure bridge or it can be set up for integrated routing and bridging (IRB)
where multiple LAN interfaces are bridged through the bridge group virtual interface (BVI). Each of the
DSL routers terminates on a separate point-to-point subinterface on the VHG/PE, which is statically
configured with a specific VRF. Remote user authentication or authorization is available with Option 82
for DSL RBE remote access. RBE treats the VHG/PE subinterface as if it is connected to an Ethernet
LAN, but avoids the disadvantages of pure bridging, such as broadcast storms, IP hijacking, and ARP
spoofing issues. Address management options include static and VRF-aware DHCP servers.
Note
For more information, see the
“DSL Access to MPLS VPN Integration” chapter in the
Cisco Remote Access to MPLS VPN Solution Overview and Provisioning Guide, Release 2.0
, located at
the following URL.
http://www.cisco.com/univercd/cc/td/doc/product/vpn/solution/rampls2/ovprov/ra_op_05.htm
MPLS VPN ID
The MPLS VPN ID is a 14-digit hexadecimal number that uniquely identifies a VPN and its associated
VRF across all VHGs and PE routers in the network. In a router with multiple VPNs configured, you can
use a VPN ID to identify a particular VPN. The VPN ID follows a standard specification (RFC 2685).
The configuration of a VPN ID is optional.
LAN
Remote
user
DSL router
Can be a bridge CPE
RBE
DSLAM
SP access
network
PE
SP
MPLS
core
CE
Customer
network
Cutomer DHCP
server
SP DHCP server
VHG/PE
87111
Cisco 10000
ESR