this presentation cover about the virtual private network

1. MPLS VPN Configurations Fahad Ahmed Khan

9. Service Provider Network Provider Edge (PE) device Provider Edge (PE) device VPN Site VPN Site VPN Terminology CPE (CE) Device CPE (CE) Device Provider core (P) device

13. Service Provider Network Provider Edge (PE) device Provider Edge (PE) device VPN Site VPN Site Virtual Circuit VPN Overlay Model CPE (CE) Device CPE (CE) Device Layer-3 Routing Adjacency

15. Service Provider Network Provider Edge (PE) Router Provider Edge (PE) Router VPN Site VPN Site CPE (CE) Router CPE (CE) Router Layer-3 Routing Adjacency VPN Peer-to-Peer Model Layer-3 Routing Adjacency

18. Peer-to-Peer Model Shared Router Approach PE CE VPN-A VPN-B CE VPN-C CE Shared router approach with complex filters Paris London Munich interface Serial0/1 description ** interface to VPN-A customer ip address 192.168.61.6 255.255.255.252 ip access-group VPN-A in ip access-group VPN-A out ! interface Serial0/2 description ** interface to VPN-B customer ip address 192.168.61.9 255.255.255.252 ip access-group VPN-B in ip access-group VPN-B out ! interface Serial0/3 description ** interface to VPN-C customer ip address 192.168.62.6 255.255.255.252 ip access-group VPN-C in ip access-group VPN-C out PE Routing Table VPN-A routes VPN-B routes VPN-C routes

20. Peer-to-Peer Model Dedicated Router Approach VPN-A PE CE VPN-A VPN-B CE Dedicated router approach expensive to deploy Paris London P Routing Table VPN-A routes (community 111:1) VPN-B routes (community 111:2) VPN-B PE P Router CE VPN-A Brussels VPN-A routes ONLY VPN-B router bgp 111 neighbor 10.13.1.2 remote-as 111 neighbor 10.13.1.2 route-reflector-client neighbor 10.13.1.2 route-map VPN-A out ! route-map VPN-A permit 10 match community-list 75 ! ip community-list 75 permit 111:1

25. Benefits of MPLS VPNs PE CE VPN-A VPN-A CE VPN-B Global Routing Table VRF for VPN-A VRF for VPN-B VPN Routing Table CE Multiple routing & forwarding instances (VRFs) provide the separation Paris London Munich IGP &/or BGP

31. VPN Routing & Forwarding Instance (VRF) PE CE VPN-A VPN-A CE VPN-B Global Routing Table VRF for VPN-A VRF for VPN-B VPN Routing Table CE Multiple routing & forwarding instances (VRFs) provide the separation Paris London Munich IGP &/or BGP

35. Local VRF Route Population PE CE VPN-A VPN-A CE VPN-B VRF for VPN-A VRF for VPN-B CE Local VRF population driven by routing protocol context or process (OSPF) Paris London Munich Which routing protocol context or process ? Global

39. Concept of RD PE1 CE VPN-A VPN-B VPN-B CE MP-BGP PE2 BGP Table Routes from VPN-A Routes from VPN-B Munich MPLS/VPN Backbone CE router sends 32 bit IPv4 prefix PE router converts it into a 96 bit VPNv4 prefix

56. Penultimate Hop Popping London Brussels Paris 197.26.15.1 In Label FEC Out Label - 197.26.15.1/32 In Label FEC Out Label 41 197.26.15.1/32 POP In Label FEC Out Label - 197.26.15.1/32 41 Use label 41 for destination 197.26.15.1/32 Use label implicit-null for destination 197.26.15.1/32 London# show tag-switching tdp binding 197.26.15.1 tib entry: 197.26.15.1/32, rev 10 local binding: tag: imp-null(1) remote binding: tsr: 172.16.3.1:0, tag: 41 Brussels# show tag-switching tdp binding 197.26.15.1 tib entry: 197.26.15.1/32, rev 10 local binding: tag: 41 remote binding: tsr: 172.16.3.2:0, tag: imp-null(1) Brussels# show tag-switching forwarding Local Outgoing Prefix Bytes tag Outgoing Next Hop tag tag or VC or Tunnel Id switched interface 41 Pop tag 197.26.15.1/32 0 Se0/0/2 point2point

59. MPLS/VPN Configuration and Implementation

85. MPLS OSPF CE VPN-A CE VPN-B MPLS BGP backbone London Area 0 Area 1 VPN-A CE VPN-B Area 2 Area 0 VPN-A CE Paris