Chapter 6 - Functionality and Configuration Overview
19
Chapter 6 - Functionality and Configuration Overview
IntraPort Carrier-8 Functionality
This is a brief description of the IntraPort Carrier-8 functionality in terms of packet flows.
Routing From/To the Public Internet
VPN packets from the public Internet will be forwarded to and from the IPC via one or more
PVCs. Depending on routing requirements, multiple PVCs can be used. A default route is
required to forward wrapped VPN packets to the public Internet. The default route can be
learned through either a routing protocol such as RIP or OSPF or can be configured manually.
Routing To/From a Corporate Intranet
Once a VPN packet is received via the public Internet, the IPC will perform the normal VPN
sequence: decrypt, authenticate and translate source address. The source address will be trans-
lated from the pool of addresses assigned to the VPN Group through the configuration.
These unwrapped, normal IP packets will be forwarded to the corporation through a PVC that
is associated with them. This can be accomplished through a route learned through a dynamic
protocol (RIP or OSPF) or through a manually configured static route. The destination address
in the static route is the corporate IP network and the gateway is the PVC. This can also be
done by forwarding the Layer 3 tunnel to a Layer 2 PVC by mapping network traffic to a
DLCI.
The router at the corporate site will need to be able to forward packets with the translated
address back to the IPC so it can then do a VPN encapsulation to forward back to the public
Internet.
Routing in General
The IPC will absolutely not allow routing between the private Frame Relay PVCs that are
connected to the corporations that are used to deliver unwrapped VPN IP packets.