Mpls l3vpn concepts, Site – H3C Technologies H3C S10500 Series Switches User Manual

2

Figure 1 Network diagram for MPLS L3VPN model

VPN 1

CE

Site 1

VPN 2

CE

CE

CE

Site 3

VPN 2

PE

VPN 1

Site 2

Site 4

PE

PE

P

P

P

P

CEs and PEs mark the boundary between the service providers and the customers.
After a CE establishes adjacency with a directly connected PE, it advertises its VPN routes to the PE and

learns remote VPN routes from the PE. A CE and a PE use BGP/IGP to exchange routing information. You
can also configure static routes between them.
After a PE learns the VPN routing information of a CE, it uses BGP to exchange VPN routing information

with other PEs. A PE maintains routing information about only VPNs that are directly connected, rather

than all VPN routing information on the provider network.
A P router maintains only routes to PEs and does not deal with VPN routing information.
When VPN traffic travels over the MPLS backbone, the ingress PE functions as the ingress Label Switching
Router (LSR), the egress PE functions as the egress LSR, and P routers function as the transit LSRs.

MPLS L3VPN concepts

Site

Sites are often mentioned in the VPN. A site has the following features:

•

A site is a group of IP systems with IP connectivity that does not rely on any service provider network

to implement.

•

The classification of a site depends on the topology relationship of the devices, rather than the

geographical positions, though the devices at a site are, in most cases, adjacent to each other
geographically.

•

The devices at a site can belong to multiple VPNs.

•

A site is connected to a provider network through one or more CEs. A site can contain many CEs,

but a CE can belong to only one site.

Sites connected to the same provider network can be classified into different sets by policies. Only the

sites in the same set can access each other through the provider network. Such a set is called a VPN.