Interprovider Layer 3 VPN Option C Overview
This overview describes one of four recommended interprovider and carrier-of-carriers solutions for situations in which the customer of a VPN service provider might be another service provider rather than an end customer. The customer service provider depends on the virtual private network (VPN) service provider (SP) to deliver a VPN transport service between the customer service provider’s points of presence (POPs) or regional networks.
If the customer service provider’s sites have different autonomous system (AS) numbers, then the VPN transit service provider supports carrier-of-carriers VPN service for the interprovider VPN service. This functionality might be used by a VPN customer who has connections to several different Internet service providers (ISPs), or different connections to the same ISP in different geographic regions, each of which has a different AS number.
Applications
A customer might require VPN services for different sites, yet the same SP is not available for all of those sites.
RFC 4364 suggests several methods to resolve this problem, including:
- Interprovider VRF-to-VRF connections at the AS boundary routers (ASBR) (not very scalable). This option is presented in Implementing Interprovider Layer 3 VPN Option A.
- Interprovider EBGP redistribution of labeled VPN-IPv4 routes from AS to neighboring AS (somewhat scalable). This option is presented in Implementing Interprovider Layer 3 VPN Option B.
- Interprovider multihop EBGP redistribution of labeled VPN-IPv4 routes between source and destination ASs, with EBGP redistribution of labeled IPv4 routes from AS to neighboring AS (very scalable). This option is presented in Implementing Interprovider Layer 3 VPN Option C.
Solutions might include elements of both the interprovider VPN solutions and the carrier-of-carriers solution. For example, a transit carrier might supply a service provider whose sites have different AS numbers, which makes the solution topology look like an interprovider solution (due to the different AS numbers). However, it is the same service for the transit carrier, so it really is a carrier-of-carriers service. This type of service solution is referred to as carrier-of-carriers VPN service for the interprovider VPN service.
In contrast, if the customer service provider's sites have the same AS number, then the VPN transit service provider delivers a carrier-of-carriers VPN service.
In addition to resolving the initial problem described above, carrier-of-carriers or interprovider VPN solutions may be used to solve other problems such as scalability and merging two service providers.
Implementation
This section describes implementing interprovider layer 3 VPN option C, which is one of the recommended implementations of MPLS VPN when that service is required by a customer that has more than one AS and all of their AS cannot be serviced by the same service provider.
In this method, only routes internal to the service provider networks are announced between ASBRs. This is achieved by using the family inet labeled-unicast statements in the IBGP and EBGP configuration on the PE routers. Labeled IPv4 (not VPN-IPv4). routes are exchanged by the ASBRs to support MPLS. An MP-EBGP session between the end PEs is used for the announcement of VPN-IPv4 routes. In this manner, VPN connectivity is maintained while keeping VPN-IPv4 routes out of the network core.
The logical topology of the network is shown in Figure 1
Figure 1: Logical Topology of Interprovider Layer 3 VPN Option C
