beautypg.com

Extranet networking scheme, Rsvp refresh mechanism, Figure 33 – H3C Technologies H3C S12500-X Series Switches User Manual

Page 116

background image

105

All spoke PEs can receive VPN-IPv4 routes advertised by the hub PE.

The hub PE advertises the routes learned from a spoke PE to the other spoke PEs so the spoke sites
can communicate with each other through the hub site.

The import target attribute of a spoke PE is different from the export target attribute of any other

spoke PE. Therefore, any two spoke PEs cannot directly advertise VPN-IPv4 routes to each other or
directly access each other.

Figure 33 Network diagram for hub and spoke network

A route in Site 1 is advertised to Site 2 by using the following process:

1.

Spoke-CE 1 advertises a route in Site 1 to Spoke-PE 1.

2.

Spoke-PE 1 changes the route to a VPN-IPv4 route and advertises the VPN-IPv4 route to Hub-PE
through MP-BGP.

3.

Hub-PE adds the VPN-IPv4 route into the routing table of VPN 1-in, changes it to the original IPv4
route, and advertises the IPv4 route to Hub-CE.

4.

Hub-CE advertises the IPv4 route back to Hub-PE.

5.

Hub-PE adds the IPv4 route to the routing table of VPN 1-out, changes it to a VPN-IPv4 route, and
advertises the VPN-IPv4 route to Spoke-PE 2 through MP-BGP.

6.

Spoke-PE 2 changes the VPN-IPv4 route to the original IPv4 route, and advertises the IPv4 route to
Site 2.

After spoke sites exchange routes through the hub site, they can communicate with each other through

the hub site.

Extranet networking scheme

The extranet networking scheme allows specific resources in a VPN to be accessed by users not in the

VPN.
In this networking scheme, if a VPN instance needs to access a shared site, the export target attribute

and the import target attribute of the VPN instance must be contained in the import target attribute and

the export target attribute of the VPN instance of the shared site, respectively.