Definition of VPNs and Routing Policies for PE-routers

The first phase in the migration planning is to define the requirements for deployment of the MPLS/VPN solution and to assign the necessary naming conventions and routing policies for each of the customers that will use the VPN service. These requirements are based on the required connectivity of VPN customers and are no different from the existing VPN infrastructure except that the technology used to provide the services has changed.

Within the topology of the TransitNet backbone, four groups of interfaces must be available within the final MPLS/VPN structure. These interfaces are based on the type of customer that is connected via the interface, or the service that is available across the interface. These interfaces are defined as follows:

  • S customer: This type of interface is used to connect to a SampleNet VPN site.

  • S Internet: This type of interface is defined as belonging to the main SampleNet site from where Internet connectivity is provided for members of the SampleNet VPN.

  • I customer: This type of interface is used to connect to a customer who wants to use the standard Internet connectivity provided by the TransitNet backbone network.

  • Global Internet: This type of interface is used to connect to another Internet service provider and is not associated with any VPN.

With these interface definitions in mind, it is now necessary to define the relevant VPNs that will make up the new MPLS/VPN service. Before this can be done, the specific connectivity requirements of each customer must be defined. Within the TransitNet backbone, we have already seen that there are two types of customer sites: those that belong to the SampleNet VPN, and those that belong to a customer who wants to obtain Internet access from the TransitNet backbone.

Each SampleNet site, defined previously as an S customer, must be capable of communicating with every other S customer and also the SampleNet central site, defined as S Internet. These sites must also be capable of communicating with all other Internet customers directly across the backbone, but they must not be capable of accessing the Internet via the global Internet interface located within the TransitNet London POP. All SampleNet site addresses will be advertised toward the Internet from within the central SampleNet site.

All non-SampleNet customers, defined as I customers, must be capable of communicating with all S customers directly across the TransitNet backbone and also the Internet via the global Internet interface located within the TransitNet London POP. They must not be capable of accessing the Internet via the S Internet interfaces. They must also have their addresses advertised using BGP-4 so that they are reachable from the Internet.

Given these connectivity requirements, the following VPNs can be defined and will be sufficient to provide the required connectivity among all types of customers. The use of these VPN definitions will be examined and explained in the sections that follow.

Table 15-1. VPN Definitions for the TransitNet MPLS/VPN Backbone

| VPN Name          | VPN Definition                                            |
|-------------------|-----------------------------------------------------------|
| Snet_Customer     | Sites that belong to the SampleNet VPN                    |
| Snet_Internet     | Sites that provide Internet access for the SampleNet VPN  |
| Internet_Customer | Sites that belong to standard Internet customers          |
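
The connectivity requirements above can be checked mechanically before any router is configured. The following added example (not from the original text) audits a candidate route import/export design against the stated must and must-not rules. Assumptions: the tag-to-interface assignments in GOOD and BAD are hypothetical, the global Internet interface is modeled as one more routing context with a hypothetical "Global" tag, and "must not access the Internet via" is read as "no routes exchanged in either direction".

```python
# Added example: audit a candidate import/export design against the
# connectivity requirements stated in the text. Tag assignments are assumptions.
import copy
from itertools import combinations_with_replacement

TYPES = ["S_customer", "S_Internet", "I_customer", "Global_Internet"]

# Requirements taken from the text, as unordered pairs of interface types.
REQUIRED = {frozenset(p) for p in [
    ("S_customer", "S_customer"), ("S_customer", "S_Internet"),
    ("S_customer", "I_customer"), ("I_customer", "Global_Internet")]}
FORBIDDEN = {frozenset(p) for p in [
    ("S_customer", "Global_Internet"), ("I_customer", "S_Internet")]}

def leaks(design, src, dst):
    """True if any route tag exported by src is imported by dst."""
    return bool(design[src]["export"] & design[dst]["import"])

def audit(design):
    """Return (kind, a, b) findings: MISSING required pairs, LEAK forbidden ones."""
    findings = []
    for a, b in combinations_with_replacement(TYPES, 2):
        pair = frozenset((a, b))
        fwd, rev = leaks(design, a, b), leaks(design, b, a)
        # Required connectivity needs routes in both directions.
        if pair in REQUIRED and not (fwd and rev):
            findings.append(("MISSING", a, b))
        # For a forbidden pair, a one-way route leak is already a finding.
        if pair in FORBIDDEN and (fwd or rev):
            findings.append(("LEAK", a, b))
    return findings

# Hypothetical candidate design; tags reuse the VPN names from Table 15-1.
GOOD = {
    "S_customer": {"export": {"Snet_Customer"},
                   "import": {"Snet_Customer", "Snet_Internet", "Internet_Customer"}},
    "S_Internet": {"export": {"Snet_Internet"}, "import": {"Snet_Customer"}},
    "I_customer": {"export": {"Internet_Customer"},
                   "import": {"Snet_Customer", "Internet_Customer", "Global"}},
    "Global_Internet": {"export": {"Global"}, "import": {"Internet_Customer"}},
}

# Constructed misconfiguration: one import too many, one import missing.
BAD = copy.deepcopy(GOOD)
BAD["I_customer"]["import"].add("Snet_Internet")
BAD["S_customer"]["import"].discard("Internet_Customer")

if __name__ == "__main__":
    for name, design in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit(design) or "meets all stated requirements")
```

Pairs the text does not mention, such as I customer to I customer, are deliberately left unchecked.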


