beautypg.com

Routing policy, Tunneling policy, Mpls l3vpn packet forwarding – H3C Technologies H3C S7500E Series Switches User Manual

Page 230

background image

6-5

Routing policy

In addition to the import and export extended communities for controlling VPN route advertisement,
you can also configure import and export routing policies to control the injection and advertisement of
VPN routes more precisely.

An import routing policy can further filter the routes that can be advertised to a VPN instance by using
the VPN target attribute of import target attribute. It can reject the routes selected by the communities
in the import target attribute. An export routing policy can reject the routes selected by the
communities in the export target attribute.

After a VPN instance is created, you can configure import and/or export routing policies as needed.

Tunneling policy

A tunneling policy is used to select the tunnel for the packets of a specific VPN instance to use.

After a VPN instance is created, you can optionally configure a tunneling policy. By default, LSPs are
used as tunnels and no load balancing occurs (in other words, the number of tunnels for load
balancing is 1). In addition, a tunneling policy takes effect only within the local AS.

MPLS L3VPN Packet Forwarding

For basic MPLS L3VPN applications in a single AS, VPN packets are forwarded with two layers of
labels:

z

Layer 1 labels: Outer labels, used for label switching inside the backbone. They indicate LSPs
from the local PEs to the remote PEs. Based on layer 1 labels, VPN packets can be label
switched along the LSPs to the remote PEs.

z

Layer 2 labels: Inner labels, used for forwarding packets from the remote PEs to the CEs. An
inner label indicates to which site, or more precisely, to which CE the packet should be sent. A PE
finds the interface for forwarding a packet according to the inner label.

If two sites (CEs) belong to the same VPN and are connected to the same PE, each of them only
needs to know how to reach the remote CE.

The following takes

Figure 6-3

as an example to illustrate the VPN packet forwarding procedure.

Figure 6-3

VPN packet forwarding

1) Site 1 sends an IP packet with the destination address of 1.1.1.2. CE 1 transmits the packet to PE

1.

See also other documents in the category H3C Technologies Routers: