3-2
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 3 Configuring Remote Access to MPLS VPN
MPLS VPN Architecture
MPLS VPN Architecture
The MPLS VPN architecture enables the service provider to build the MPLS VPN network one time and
add VPNs for new customers as needed, including them in the already established network. The elements
that comprise the MPLS VPN are:
•
Customer edge (CE) routers—The CPE devices to which subscribers in a customer’s network
connect. The CE router connects to a service provider’s edge router (PE router). The CE router
initiates the remote access session to the PE router.
•
Provider edge (PE) routers—The router, such as the Cisco 10000 series router, located at the edge
of the service provider’s MPLS core network. The PE router connects to one or more CE routers and
has full knowledge of the routes to the VPNs associated with those CE routers. The PE router does
not have knowledge of the routes to VPNs whose associated CE routers are not connected to it.
•
Provider (P) routers—The service provider routers that comprise the provider’s core network. The
P routers do not assign VPN information and they do not have any knowledge of CE routers. Instead,
the main focus of the P router is on label switching.
Figure 3-1
shows an example of the MPLS VPN architecture.
Figure 3-1
MPLS VPN Network—Example
SP MPLS
core
SP access
network
69868
LAN
Remote
user
DSLAM
DSL router
PE
CE
Customer
network
Customer AAA
server
SP AAA
server
SP DHCP
server
PPPoE
PE