174
Figure 52
Network diagram for nested VPN
Propagation of routing information
In a nested VPN network, routing information is propagated by using the following process:
1.
After receiving VPN routes from customer CEs, a customer PE advertises VPN-IPv4 routes to the
provider CE through MP-BGP.
2.
The provider CE advertises the VPN-IPv4 routes to the provider PE through MP-BGP.
3.
After receiving a VPN-IPv4 route, the provider PE keeps the customer's internal VPN information,
and appends the customer's MPLS VPN attributes on the service provider network. It replaces the
RD of the VPN-IPv4 route with the RD of the customer's MPLS VPN on the service provider network.
It also adds the export route-target (ERT) attribute of the customer's MPLS VPN on the service
provider network to the extended community attribute list of the route. The internal VPN
information for the customer is maintained on the provider PE.
4.
The provider PE advertises VPN-IPv4 routes carrying the comprehensive VPN information to the
other PEs of the service provider.
5.
After another provider PE receives the VPN-IPv4 routes, it matches the VPN-IPv4 routes to the
import targets of its local VPNs. Each local VPN accepts routes of its own and advertises them to
provider CEs. If a provider CE (such as CE 7 and CE 8 in
) is connected to a provider PE
through an IPv4 connection, the PE advertises IPv4 routes to the CE. If it is a VPN-IPv4 connection
(a customer MPLS VPN network), the PE advertises VPN-IPv4 routes to the CE.
6.
After receiving VPN-IPv4 routes from the provider CE, a customer PE matches those routes to local
import targets. Each customer VPN accepts only its own routes and advertises them to connected
customer CEs (such as CE 3, CE 4, CE 5, and CE 6 in
).
HoVPN
Hierarchy of VPN (HoVPN), also called Hierarchy of PE (HoPE), prevents PEs from being bottlenecks and
is applicable to large-scale VPN deployment.
Provider PE
CE 3
CE 4
Provider MPLS
VPN backbone
P
VPN A-1
VPN A-1
VPN A-2
CE 7
Provider PE
VPN A-2
CE 8
Customer MPLS
VPN
Customer PE
CE 5
CE 6
VPN A-1
VPN A-2
Customer MPLS
VPN network
Customer PE
CE 1
CE 2
VPN A