Extranet networking scheme, Rsvp refresh mechanism, Figure 33 – H3C Technologies H3C S12500-X Series Switches User Manual
Page 116
105
•
All spoke PEs can receive VPN-IPv4 routes advertised by the hub PE.
•
The hub PE advertises the routes learned from a spoke PE to the other spoke PEs so the spoke sites
can communicate with each other through the hub site.
•
The import target attribute of a spoke PE is different from the export target attribute of any other
spoke PE. Therefore, any two spoke PEs cannot directly advertise VPN-IPv4 routes to each other or
directly access each other.
Figure 33 Network diagram for hub and spoke network
A route in Site 1 is advertised to Site 2 by using the following process:
1.
Spoke-CE 1 advertises a route in Site 1 to Spoke-PE 1.
2.
Spoke-PE 1 changes the route to a VPN-IPv4 route and advertises the VPN-IPv4 route to Hub-PE
through MP-BGP.
3.
Hub-PE adds the VPN-IPv4 route into the routing table of VPN 1-in, changes it to the original IPv4
route, and advertises the IPv4 route to Hub-CE.
4.
Hub-CE advertises the IPv4 route back to Hub-PE.
5.
Hub-PE adds the IPv4 route to the routing table of VPN 1-out, changes it to a VPN-IPv4 route, and
advertises the VPN-IPv4 route to Spoke-PE 2 through MP-BGP.
6.
Spoke-PE 2 changes the VPN-IPv4 route to the original IPv4 route, and advertises the IPv4 route to
Site 2.
After spoke sites exchange routes through the hub site, they can communicate with each other through
the hub site.
Extranet networking scheme
The extranet networking scheme allows specific resources in a VPN to be accessed by users not in the
VPN.
In this networking scheme, if a VPN instance needs to access a shared site, the export target attribute
and the import target attribute of the VPN instance must be contained in the import target attribute and
the export target attribute of the VPN instance of the shared site, respectively.