CE router: a router in the customer network (C-network) that peers with the service provider edge router (PE router) in the provider network (P-network).
P routers are completely unaware of VPNs. Only the edge routers (PE) are VPN-aware.
VPN prefixes are propagated across the MPLS VPN network by MP-BGP (Multiprotocol BGP).
RD (route distinguisher) is a value used to distinguish identical routes from different customers. It is a 64-bit field and can be represented in AS:nn or IP-address:nn format.
RD:customer route = VPNv4 prefix, which is a 96-bit field.
A VRF can have only one RD configured.
RT: Route Target. One of the BGP extended communities, which is also 64 bits.
Export/import options are used to apply RTs.
All routes belonging to the VRF are propagated (after redistribution) as VPNv4 routes carrying all export RTs configured on that VRF.
A VPNv4 prefix can be downloaded to a VRF (after the RD is stripped off) only if any one of the RTs on the VPNv4 route matches the configured import RT.
Routes can be conditionally tagged with a particular RT using the “export-map” option.
We can further refine the download of VPNv4 routes to the VRF table using the “import-map” option. A route is downloaded only when any one of the RTs on the VPNv4 route matches the configured import RT *and* the route is matched by the import-map.
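The RD and RT rules above can be modelled in a few lines of Python. This is an added example, not part of the original notes; the RD and RT values, prefixes and VRF names are constructed, and the import-map is modelled as a simple prefix filter (an assumption).

```python
# Added example: the import check a PE applies to VPNv4 routes (all values constructed).
from dataclasses import dataclass
from ipaddress import ip_network
from typing import Callable, Optional

@dataclass(frozen=True)
class Vpnv4Route:
    rd: str                 # route distinguisher, AS:nn or ip-address:nn
    prefix: str             # customer IPv4 prefix
    rts: frozenset          # export RTs attached by the originating PE

@dataclass
class Vrf:
    name: str
    rd: str                                   # exactly one RD per VRF
    export_rts: frozenset
    import_rts: frozenset
    import_map: Optional[Callable[[Vpnv4Route], bool]] = None

    def export(self, prefix: str) -> Vpnv4Route:
        # Every VRF route leaves as RD:prefix with all export RTs attached.
        return Vpnv4Route(self.rd, prefix, self.export_rts)

    def accepts(self, route: Vpnv4Route) -> bool:
        # At least one RT on the route must match a configured import RT ...
        if not (route.rts & self.import_rts):
            return False
        # ... and, if an import-map is configured, it must match as well.
        return self.import_map is None or self.import_map(route)

    def import_routes(self, routes) -> list:
        # The RD is stripped: only the plain IPv4 prefix enters the VRF table.
        return sorted(r.prefix for r in routes if self.accepts(r))

def demo() -> dict:
    cust_a = Vrf("CUST-A", "65000:1", frozenset({"65000:100"}), frozenset({"65000:100"}))
    cust_b = Vrf("CUST-B", "65000:2", frozenset({"65000:200"}), frozenset({"65000:200"}))
    # Both customers use the same prefix; the RD keeps the VPNv4 routes distinct.
    table = [cust_a.export("10.1.0.0/16"), cust_a.export("10.9.9.0/24"),
             cust_b.export("10.1.0.0/16")]
    # Remote CUST-A VRF whose import-map only admits prefixes inside 10.1.0.0/16.
    within = ip_network("10.1.0.0/16")
    remote_a = Vrf("CUST-A", "65000:1", frozenset({"65000:100"}), frozenset({"65000:100"}),
                   import_map=lambda r: ip_network(r.prefix).subnet_of(within))
    # Misconfigured VRF: importing both RTs merges the two customers' routes.
    leaky = Vrf("LEAKY", "65000:9", frozenset(), frozenset({"65000:100", "65000:200"}))
    return {"distinct_vpnv4": len(set(table)), "remote_a": remote_a.import_routes(table),
            "leaky": leaky.import_routes(table)}
```

The LEAKY VRF shows why import RTs deserve review: once the RD is stripped, both customers' overlapping 10.1.0.0/16 routes land in one table.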
Prefixes are exchanged between CE and PE using any PE-CE routing protocol. These prefixes are carried inside the MPLS network via MP-BGP to the PE routers at the other end. Hence, an iBGP session should be established between the two PE routers connecting the customer sites.
Inside the MPLS VPN network, the label stack has two labels.
Top label – IGP label distributed by LDP. Used to switch packets from the ingress PE to the egress PE.
VPN label – bottom label distributed via MP-BGP. Used at the egress PE router to determine which VPN the packet belongs to.
If TE is implemented in the MPLS VPN network, three labels will be seen, the top label being the TE label propagated via RSVP.
RR behavior in MPLS VPN:
Reflects all the VPNv4 routes to RR clients without any modification.
Should accept all VPNv4 prefixes (using RR-groups, we can select which prefixes should be accepted by means of an extended community access list).
Shouldn’t be involved in forwarding traffic. It just reflects VPNv4 routes.
Use different RDs for the same customer if the customer is multihomed to 2 different PE routers and those 2 PE routers are connected to the same RR.
PE-CE routing protocols:
PE1-CE1 routes are redistributed from the PE1-CE1 routing protocol into MP-BGP. On the other end, make sure to redistribute from MP-BGP into the PE2-CE2 routing protocol. Also, follow the above steps for the PE2-CE2 prefixes so that two-way communication is possible.