In this chapter, you've seen a potential migration strategy from a classical IP-over-IP VPN implementation toward an MPLS/VPN-based implementation of VPN services. This strategy does not cover every customer need and should serve only as a starting point for your own migration strategy, of course, because every network has its own specific requirements. Still, a number of common steps must be followed in every network migration toward an MPLS/VPN-based backbone.

Start with these preparatory steps:

  1. Document the connectivity needs of your customers, and design your service solutions based on these needs.

  2. Design VRFs, route targets, and route distinguishers to satisfy the connectivity needs of various customer types.

  3. Define the numbering and naming policies for VRFs, route targets, and route distinguishers.

  4. Migrate your backbone to an MPLS-enabled backbone?see Chapter 6 for an example.

  5. If needed, establish a new route-reflector hierarchy to satisfy the needs of MP-BGP route propagation.

Migrate your IP-over-IP VPN customers by following these steps:

  1. Establish central site(s) for every network that will serve as transition points during the upgrade process.

  2. Define VRFs for the VPN central site(s).

  3. Use virtual circuits or separate physical links to connect the central site(s) to a VPN, as well as keep it connected to the global IP backbone to preserve existing IP-over-IP VPN tunnels.

  4. Establish VPN routing information exchange between the central site(s) and PE-routers. Verify that the routing information sent by the central site router(s) is correctly received and propagated by the PE-routers.

  5. Migrate a pilot site to the new VPN. Verify that the routing information is properly exchanged between the sites still connected via IP-over-IP tunnels and the new VPN sites. Verify application-level connectivity between the old and new sites.

  6. Migrate remaining customer sites to the new VPN.

  7. Remove global connectivity from the central site(s).

Similar steps can be followed when migrating Frame Relay or ATM-based VPN customers to an MPLS/VPN-based solution.

    Part 2: MPLS-based Virtual Private Networks