In this chapter, you've seen the versatility of MPLS/VPN technology in implementing various VPN topologies that are sometimes very hard to implement with traditional VPN technologies, ranging from Layer 2 or Layer 3 overlay VPNs to traditional peer-to-peer VPNs.

The topologies supported by MPLS/VPN can satisfy almost all customer requirements that can be formulated in terms of the IP routing model, including these:

  • Simple customer virtual private networks

  • Overlapping intranet/extranet networks

  • Access to common servers while preventing communication between the clients

  • Hub-and-spoke VPN in which all traffic must flow through the hub site for security, logging, or auditing reasons

You've also seen the extensions and modifications to traditional AS path processing needed in the BGP protocol to support some of these topologies.

    Part 2: MPLS-based Virtual Private Networks