© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1

MPLS VPN Technology

Introducing the MPLS VPN Routing Model

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-2

Outline

• Overview

• MPLS VPN Routing Requirements

• What Is the MPLS VPN Routing Model?

• Existing Internet Routing Support

• Routing Tables on PE Routers

• Identifying End-to-End Routing Update Flow

• Route Distribution to CE Routers

• Summary

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-3

MPLS VPN Routing Requirements

• CE routers have to run standard IP routing software.

• PE routers have to support MPLS VPN services and IP routing.

• P routers have no VPN routes.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-4

MPLS VPN Routing:CE Router Perspective

• The CE routers run standard IP routing software and exchange routing updates with the PE router.

– EBGP, OSPF, RIPv2, EIGRP, and static routes are supported.

• The PE router appears as another router in the C-network.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-5

MPLS VPN Routing:Overall Customer Perspective

• To the customer, the PE routers appear as core routers connected via a BGP backbone.

• The usual BGP and IGP design rules apply.

• The P routers are hidden from the customer.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-6

MPLS VPN Routing:P Router Perspective

• P routers do not participate in MPLS VPN routing and do not carry VPN routes.

• P routers run backbone IGP with the PE routers and exchange information about global subnetworks (core links and loopbacks).

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-7

MPLS VPN Routing:PE Router Perspective

PE routers:• Exchange VPN routes with CE routers via per-VPN routing protocols

• Exchange core routes with P routers and PE routers via core IGP

• Exchange VPNv4 routes with other PE routers via MP-IBGP sessions

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-8

Support for Existing Internet Routing

PE routers can run standard IPv4 BGP in the global routing table:

• PE routers exchange Internet routes with other PE routers.

• CE routers do not participate in Internet routing.

• P routers do not need to participate in Internet routing.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-9

Routing Tables on PE Routers

PE routers contain a number of routing tables:

• The global routing table contains core routes (filled with core IGP) and Internet routes (filled with IPv4 BGP).

• The VRF tables contains routes for sites of identical routing requirements from local (IPv4 VPN) and remote (VPNv4 via MP-BGP) CE routers.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-10

End-to-End Routing Update Flow

PE routers receive IPv4 routing updates from CE routers and install them in the appropriate VRF table.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-11

PE routers export VPN routes from VRF tables into MP-BGP and propagate them as VPNv4 routes to other PE routers.

End-to-End Routing Update Flow (Cont.)

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-12

End-to-End Routing Update Flow:MP-BGP Update

An MP-BGP update contains these elements:• VPNv4 address

• Extended communities (route targets, optionally SOO)

• Label used for VPN packet forwarding

• Any other BGP attribute (for example, AS path, local preference, MED, standard community)

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-13

• The receiving PE router imports the incoming VPNv4 routes into the appropriate VRF based on route targets attached to the routes.

• The routes installed in the VRFs are propagated to the CE routers.

End-to-End Routing Update Flow (Cont.)

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-14

Route Distribution to CE Routers

• A route is installed in the site VRF if it matches the import route target attribute.

• Route distribution to CE sites is driven by the following:

–Route targets

–SOO attribute if defined

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-15

What Is Multi-VRF CE (VRF-Lite)?

• Multi-VRF CE (VRF-lite) is an application based on VRF implementation.

– VRF-lite supports multiple overlapping and independent VRFs on the CE router.

• The CE router separates traffic between client networks using VRFs.

• There is no MPLS functionality on the CE router.

– No label exchange between the CE and PE router.

– No labeled packet flow between the CE and PE router.

• Any routing protocol supported by normal VRF can be used in a Multi-VRF CE implementation.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-16

Summary

• In MPLS VPNs:

– CE routers run standard protocols (static, RIPv2, OSPF, EIGRP, EBGP) to the PE routers.

– PE routers provide the VPN routing and services via MP-BGP.

– P routers do not participate in VPN routing, and only provide core IGP backbone routing to the PE routers.

• The PE router functions are extended to carry regular Internet routing via IPv4 BGP in addition to the MP-BGP.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-17

Summary (Cont.)

• PE routers separate the global IPv4 BGP routing table from each unique customer VPNv4 MP-BGP routing table.

• The ingress PE router receives CE customer IPv4 updates and exports these IPv4 routes to other PE routers via MP-BGP.

• The egress PE router imports the VPNv4 routes and forwards them to the CE router as an IPv4 update.

• Route distribution to destination CE routers is determined by BGP communities using route targets and an optional SOO for loop detection.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-18