We have seen in this chapter that scaling any large-scale service provider backbone is a challenge. This does not change with the introduction of the MPLS/VPN architecture, and attention should certainly be directed toward this task.

Convergence is quite obviously a very major issue, both for the service provider and for the customers of the VPN service. We have seen that whenever a VPN service is provided through use of the MPLS/VPN architecture, the convergence of the backbone network and the customer networks are affected in different ways. We have also seen that careful tuning of routing protocol timers, and other parameters, may be necessary so that customers may realize comparable convergence times as with their traditional VPN services.

The advertisement of VPN routing information between customer sites is achieved through the use of MP-iBGP. With the potential for substantial growth in PE-routers supporting the VPN service, and the number of BGP sessions between PE-routers that will be required to support this growth, some scaling issues inevitably may need to be addressed. Several options to reduce the number of BGP sessions were presented during this chapter, including the use of BGP confederations and route reflectors,

Internet connectivity will almost certainly be a requirement for every VPN customer that attaches to the service provider backbone network. This connectivity may be provided in many ways, each of which must be accommodated by the MPLS/VPN backbone. This chapter has presented several common scenarios, including central site access, any-to-any access, and connectivity through firewalls. Although these scenarios do not cover every possible topology, the techniques presented are the necessary tools to successfully provision this type of connectivity in most network deployments.

    Part 2: MPLS-based Virtual Private Networks