beautypg.com

Chapter 82 public network access of mpls vpn, 1 public network access introduction, 1 non-vrf internet access mode – PLANET XGS3-24042 User Manual

Page 703: Chapter 82 public network access of mpls vpn -57, Ublic, Etwork, Ccess, Ntroduction, 1 non-vrf internet access mode -57

background image

82-57

Chapter 82 Public Network Access of MPLS
VPN

82.1 Public Network Access Introduction

Public network access of VPN means the ability of VPN sites to access public Internet. RFC4364 defines the

basic protocol regulations, including some methods for VPN to access Internet:

Non-VRF Internet Access Mode

VRF Internet Access Mode 3

82.1.1 Non-VRF Internet Access Mode

As demonstrated in the next figure, in non-VRF Internet Access Mode, PE routers communicate with Internet

gateways via non-VFP interface; and the Internet access traffic of VPN sites are forwarded according to the

global route table of PE routers. The CE and PE routers capable of accessing Internet have two connections,

one with the public network interface of PE (public network connection), the other with the priviate network

interface of PE (private network connection). The global route table of PE routes can contain the whole or part

of Internet routes, or only a default routes pointing to the Internet gateway. CE routers learn Interet routs via

the public network connection, and advertise to PE via the public network connection the globally registered

IP address sub-net routes in the VPN site, which will be advertised to the Internet gateway by PE and finally to

Internet. The Internet access traffic of VPN sites is also sent and received by the public network connection.

The private network connection between CE and PE is for the route learning of CE and advertising the private

network routes in tehe VPN. The VPN sites also communicate via private network connections, and forward

according to the VRF route table of PE routers. In this mode, the global and VRF rout table of PE routers are

completely isolated ; and the distribution of VPN routes and Internet routes are completely independent.

Figure 82-1 Non-VRF Internet Access Mode

PE1

P1

CE1

CE2

CE3

E

0

E1

E

3

E

2

VRFA

VRFB

P2

CE4

PE3

E

0

E

1

E3

VRFA

CE5

E

2

VRFB

MPLS Domain

internet

VRF Interface

Internet

Interface

VRF0

IGW

This manual is related to the following products:
See also other documents in the category PLANET Routers: