Chapter 9. MPLS/VPN Architecture Operation

In the previous chapter, we introduced the key mechanisms and features that make up the MPLS/VPN architecture. You learned that the VPN service is established through the use of Virtual Routing and Forwarding Instances (VRFs) into which specific VPN customer routing information is placed through import mechanisms that utilize the Route Target BGP extended community. This VPN routing information is identified uniquely through the use of a Route Distinguisher and is distributed among service provider edge routers, known as Provider Edge (PE) routers, through the use of Multiprotocol BGP extensions.

Now that you clearly understand the basic concepts of the MPLS/VPN architecture, you can understand how to implement this architecture in terms of design and through the configuration of the service provider backbone infrastructure. You also can learn further details on the mechanisms required to achieve this, so that you can fully understand the architecture and how it is implemented. This chapter concentrates on these goals and provides a more detailed description of these mechanisms, some of which you already saw presented in their basic format in Chapter 8, "MPLS/VPN Architecture Overview."

This chapter also introduces the basic configuration steps that are necessary in all deployments of the architecture. To assist in the explanation of these configuration steps, we use a case study to show a basic Intranet topology. This case study highlights the basic VPN service, with no advanced feature deployment. For simplicity and ease of understanding, Chapter 10, "Provider Edge (PE) to Customer Edge (CE) Connectivity Options," covers more advanced configuration steps and VPN customer-to-service provider connectivity options (that are used in some deployments of the MPLS/VPN architecture).

Two requirements exist for a PE-router in respect to the advertisement of routes:

  • Advertise routes to attached CE-devices

  • Advertise routes that have been learned from these CE-devices across the MPLS/VPN backbone

This chapter covers only the second requirement of how the routes are propagated between PE-routers across the MPLS/VPN backbone. Chapter 10 covers the first requirement.


The concepts for the MPLS/VPN architecture are described fully in RFC 2547bis, "BGP/MPLS/VPNs."

    Part 2: MPLS-based Virtual Private Networks