1. Home
  2. Networking
  3. MPLS and VPN Architectures

Summary

In this chapter, you've seen a potential migration strategy from a classical IP-over-IP VPN implementation toward an MPLS/VPN-based implementation of VPN services. This strategy does not cover every customer need and should serve only as a starting point for your own migration strategy, of course, because every network has its own specific requirements. Still, a number of common steps must be followed in every network migration toward an MPLS/VPN-based backbone.

Start with these preparatory steps:

  1. Document the connectivity needs of your customers, and design your service solutions based on these needs.

  2. Design VRFs, route targets, and route distinguishers to satisfy the connectivity needs of various customer types.

  3. Define the numbering and naming policies for VRFs, route targets, and route distinguishers.

  4. Migrate your backbone to an MPLS-enabled backbone?see Chapter 6 for an example.

  5. If needed, establish a new route-reflector hierarchy to satisfy the needs of MP-BGP route propagation.

Migrate your IP-over-IP VPN customers by following these steps:

  1. Establish central site(s) for every network that will serve as transition points during the upgrade process.

  2. Define VRFs for the VPN central site(s).

  3. Use virtual circuits or separate physical links to connect the central site(s) to a VPN, as well as keep it connected to the global IP backbone to preserve existing IP-over-IP VPN tunnels.

  4. Establish VPN routing information exchange between the central site(s) and PE-routers. Verify that the routing information sent by the central site router(s) is correctly received and propagated by the PE-routers.

  5. Migrate a pilot site to the new VPN. Verify that the routing information is properly exchanged between the sites still connected via IP-over-IP tunnels and the new VPN sites. Verify application-level connectivity between the old and new sites.

  6. Migrate remaining customer sites to the new VPN.

  7. Remove global connectivity from the central site(s).

Similar steps can be followed when migrating Frame Relay or ATM-based VPN customers to an MPLS/VPN-based solution.



    		MPLS and VPN Architectures
    		About the Authors
    		About the Technical Reviewers
    		Acknowledgments
    		Part I: MPLS Technology and Configuration
    		Part 2: MPLS-based Virtual Private Networks
    		Chapter 7. Virtual Private Network (VPN) Implementation Options
    		Chapter 8. MPLS/VPN Architecture Overview
    		Chapter 9. MPLS/VPN Architecture Operation
    		Chapter 10. Provider Edge (PE) to Customer Edge (CE) Connectivity Options
    		Chapter 11. Advanced MPLS/VPN Topologies
    		Chapter 12. Advanced MPLS/VPN Topics
    		Chapter 13. Guidelines for the Deployment of MPLS/VPN
    		Chapter 14. Carrier's Carrier and Inter-provider VPN Solutions
    		Chapter 15. IP Tunneling to MPLS/VPN Migration Case Study
    		Existing VPN Solution Deployment?IP Tunneling
    		Definition of VPNs and Routing Policies for PE-routers
    		Definition of VRFs Within the Backbone Network
    		VRF and Routing Polices for SampleNet VPN Sites
    		VRF and Routing Policies for SampleNet Internet Access
    		VRF and Routing Policies for Internet Access Customers
    		MPLS/VPN Migration?Staging and Execution
    		Configuration of MP-iBGP on BGP Route Reflectors
    		Configuration of MP-iBGP on TransitNet PE-routers
    		Migration of VPN Sites onto the MPLS/VPN Solution
    		Summary
    		Appendix A. Tag-switching and MPLS Command Reference