34-6
Cisco ME 3800X and 3600X Switch Software Configuration Guide
OL-23400-01
Chapter 34 Configuring MPLS, MPLS VPN, MPLS OAM, and EoMPLS
Understanding MPLS VPNs
Figure 34-2
shows five customer sites communicating within three VPNs. The VPNs can communicate
with these sites:
VPN1: Sites 2 and 4
VPN2: Sites 1, 3, and 4
VPN3: Sites 1, 3, and 5
Figure 34-2
Customer Sites with VPNs
Distribution of VPN Routing Information
The distribution of VPN routing information is controlled through the use of VPN route target
communities, implemented by BGP extended communities. VPN routing information is distributed in
this manner:
•
When a VPN route learned from a CE device is added to the BGP process, a list of VPN route target
extended community attributes is associated with it. The attribute values are obtained from an export
list of route targets associated with the VRF from which the route was learned.
•
An import list of route target extended communities is also associated with each VRF. The import
list defines route target extended community attributes that a route must have in order for the route
to be imported into the VRF. For example, if the import list for a particular VRF includes route target
communities A, B, and C, then any VPN route that carries any of those route target extended
communities—A, B, or C—is imported into the VRF.
A PE router can learn an IP prefix from a CE device by static configuration, through a BGP session, or
through a routing protocol, such as OSPF, EIGRP and Routing Information Protocol (RIP), with the CE
device. The IP prefix is a member of the IPv4 address family. After it learns the IP prefix, the PE router
converts it into a VPN-IPv4 prefix by combining it with an 8-byte route distinguisher. The generated
prefix is a member of the VPN-IPv4 address family and uniquely identifies the customer address, even
if the customer site is using globally nonunique (unregistered private) IP addresses.
BGP distributes reachability information for VPN-IPv4 prefixes for each VPN. BGP communication
takes place at two levels: within IP domains, known as autonomous systems (internal BGP or IBGP), and
between autonomous systems (external BGP or EBGP). The PE-to-PE sessions are IBGP sessions, and
PE-to-CE sessions are EBGP sessions.
BGP propagates reachability information for VPN-IPv4 prefixes among provider-edge routers by using
the BGP multiprotocol extensions, which define support for address families other than IPv4. It does this
in a way that ensures that the routes for a given VPN are learned only by other members of that VPN,
which enables members of the VPN to communicate with each other.
Site 2
VPN1
VPN2
VPN3
Site 4
Site 5
17266
Site 3
Site 1