Existing VPN Solution Deployment?IP Tunneling

The existing IP tunneling-based solution for the SampleNet VPN customer is provided through the use of generic route encapsulation (GRE) tunnels to a central hub location in a hub-and-spoke arrangement (see Figure 15-2). Connectivity between sites is strictly via the central site because the customer is able to accept sub-optimal routing as a trade-off for the complexity and cost associated with a full-mesh topology. Internet access is provided within the central site location. This type of topology is a fairly common one, although this is rapidly changing as the need for any-to-any connectivity increases.

Figure 15-2. SampleNet VPN Connectivity Using GRE Tunnels


Figure 15-2 illustrates that all remote SampleNet sites, referred to as S customer sites within the figure, run a direct GRE tunnel with the SampleNet central site. Connectivity between SampleNet sites and also Internet access for these sites is provided through the central site location.

The topology shown in Figure 15-2 also shows other customers, referred to as I customers, that attach to the TransitNet backbone for connectivity to the Internet. Given this topology, the goal of the TransitNet service provider is to simplify the VPN configuration and also provide optimal routing across its backbone so that VPN customers can communicate directly with other sites that belong to the VPN, and other local Internet customers, without having to route via the central SampleNet site.

    Part 2: MPLS-based Virtual Private Networks