VRF and Routing Policies for SampleNet VPN Sites

All SampleNet VPN sites will belong to the VPN defined as Snet_Customer. These sites must have access to all other SampleNet sites directly across the TransitNet MPLS backbone (rather than through the central site, as with the currently deployed GRE tunneling solution), and they must also have direct access to Internet customers who attach to the TransitNet backbone. A further requirement is that these sites must be provided with Internet access, but via the central SampleNet network rather than through the external BGP peering point within the TransitNet London POP (although they should be reachable from the Internet via this external BGP peering point). This access will require that the address range used for the SampleNet VPN sites be advertised using BGP-4 from the SampleNet central site toward the Internet.

BGP-4 will not be used across the PE-to-CE link to SampleNet sites. This means that a static route within the VRF will be configured to point to the SampleNet sites' IP address range. This static route must be redistributed from the Snet_Customer VRF into MP-BGP so that the IPv4 addresses can be advertised across the TransitNet MP-iBGP sessions as VPN-IPv4 addresses for import by other PE-routers.

The import and export policies that will be used for this VPN are shown in Table 15-3.

Table 15-3. SampleNet VRF Import/Export Policies

VRF Snet_Customer

Import and export    1234:16 (Snet_Customer)
Import only          1234:17 (Snet_Internet)
Import only          1234:18 (Internet_Customer)

This table shows that the Snet_Customer VRF will export its local routes using the route target value 1234:16, and these routes will be imported by all other Snet_Customer VPN sites, the Snet_Internet VRF, and Internet_Customer sites. Routes that contain a route target value of 1234:17 (Snet_Internet) or 1234:18 (Internet_Customer) will be imported to allow communication with all other directly attached Internet customers and Internet access via the central SampleNet network.
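
The following check is an added example, not part of the original text: it parses the route-target statements from Cisco IOS "ip vrf" stanzas and compares them with the Table 15-3 policy, reporting any route target that would leak routes or break reachability. The configuration text, the RD values, and the Snet_Customer_drift VRF name are constructed for illustration.

```python
import re

# Expected policy for VRF Snet_Customer, taken from Table 15-3.
EXPECTED = {"export": {"1234:16"},
            "import": {"1234:16", "1234:17", "1234:18"}}

# Constructed sample in Cisco IOS syntax. The RD values are placeholders (the
# page gives none); the second stanza carries a deliberate policy drift.
SAMPLE_CONFIG = """\
ip vrf Snet_Customer
 rd 1234:16
 route-target both 1234:16
 route-target import 1234:17
 route-target import 1234:18
!
ip vrf Snet_Customer_drift
 rd 1234:99
 route-target export 1234:16
 route-target export 1234:17
 route-target import 1234:16
!
"""

RT_LINE = re.compile(r"^\s+route-target\s+(import|export|both)\s+(\d+:\d+)\s*$")

def parse_vrfs(config):
    """Return {vrf_name: {"import": set, "export": set}} from 'ip vrf' stanzas."""
    vrfs, current = {}, None
    for line in config.splitlines():
        if line.startswith("ip vrf "):
            current = vrfs.setdefault(line.split()[2], {"import": set(), "export": set()})
        elif not line.startswith(" "):
            current = None  # any unindented line ends the stanza
        elif current is not None and (m := RT_LINE.match(line)):
            directions = ("import", "export") if m.group(1) == "both" else (m.group(1),)
            for d in directions:
                current[d].add(m.group(2))
    return vrfs

def audit(policy, expected=EXPECTED):
    """List deviations: an unexpected RT leaks routes, a missing RT breaks reachability."""
    findings = []
    for direction in ("import", "export"):
        for rt in sorted(policy[direction] - expected[direction]):
            findings.append(f"unexpected {direction} {rt}")
        for rt in sorted(expected[direction] - policy[direction]):
            findings.append(f"missing {direction} {rt}")
    return findings
```

An empty list from audit() means the VRF matches Table 15-3 exactly; an unexpected export is the finding to treat first, because it places this VRF's routes into VRFs that import that route target.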


