Mp-bgp, Routing policy, Tunneling policy – H3C Technologies H3C SR8800 User Manual

225

In other words, VPN target attributes define which sites can receive VPN-IPv4 routes, and from which sites

that a PE can receive routes.
Like RDs, VPN target attributes can be of three formats:

•

16-bit AS number:32-bit user-defined number. For example, 100:1.

•

32-bit IPv4 address:16-bit user-defined number. For example, 172.1.1.1:1.

•

32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536.
For example, 65536:1.

MP-BGP

Multiprotocol extensions for BGP-4 (MP-BGP) advertises VPN composition information and routes

between PEs. It is backward compatible and supports both traditional IPv4 address family and other

address families, such as VPN-IPv4 address family.
Using MP-BGP can guarantee that private routes of a VPN are advertised only in the VPN and implement

communications between MPLS VPN members.

Routing policy

In addition to the import and export extended communities for controlling VPN route advertisement, you

can also configure import and export routing policies to control the redistribution and advertisement of
VPN routes more precisely.
An import routing policy can further filter the routes that can be advertised to a VPN instance by using

the VPN target attribute of import target attribute. It can reject the routes selected by the communities in

the import target attribute. An export routing policy can reject the routes selected by the communities in
the export target attribute.
After a VPN instance is created, you can configure an import routing policy, an export routing policy, or

both as needed.

Tunneling policy

A tunneling policy is used to select the tunnel for the packets of a specific VPN instance to use.
After a VPN instance is created, you can optionally configure a tunneling policy for the VPN instance. By

default, only one tunnel is selected (no load balancing) in this order: LSP tunnel, CR-LSP tunnel. A

tunneling policy takes effect only within the local AS.

MPLS L3VPN packet forwarding

For basic MPLS L3VPN applications in a single AS, VPN packets are forwarded with the following layers

of labels:

•

Layer 1 labels—Outer labels, used for label switching inside the backbone. They indicate LSPs from
the local PEs to the remote PEs. Based on layer 1 labels, VPN packets can be label switched along
the LSPs to the remote PEs.

•

Layer 2 labels—Inner labels, used for forwarding packets from the remote PEs to the CEs. An inner
label indicates to which site, or more precisely, to which CE the packet should be sent. A PE finds

the interface for forwarding a packet according to the inner label.

If two sites (CEs) belong to the same VPN and are connected to the same PE, each CE only needs to know

how to reach the other CE.
The following takes

Figure 57

as an example to illustrate the VPN packet forwarding procedure.