Junos OS Support for VPNs
Junos OS supports several types of virtual private networks (VPNs), including:
Layer 2 VPNs link a set of sites that share routing information, and whose connectivity is controlled by a collection of policies. A Layer 2 VPN is not aware of routes within your network. It simply provides private links between sites over the service provider’s existing public Internet backbone.
Layer 3 VPNs are the same as a Layer 2 VPN, but it is aware of routes within your network, requiring more configuration on the part of the service provider than a Layer 2 VPN. The sites that make up a Layer 3 VPN are connected over a service provider’s existing public Internet backbone.
An Ethernet VPN (EVPN) enables you to connect dispersed customer sites using a Layer 2 virtual bridge. As with other types of VPNs, an EVPN consists of customer edge (CE) devices (host, router, or switch) connected to provider edge (PE) routers. The PE routers can include an MPLS edge switch (MES) that acts at the edge of the MPLS infrastructure. Either an MX Series 5G Universal Routing Platform or a standalone switch can be configured to act as an MES. You can deploy multiple EVPNs within a service provider network, each providing network connectivity to a customer while ensuring that the traffic sharing on that network remains private.
Interprovider VPNs supply connectivity between two VPNs in separate autonomous systems (ASs). This functionality can be used by a VPN user with connections to several Internet service providers (ISPs), or different connections to the same ISP in various geographic regions.
Carrier-of-carrier VPNs allow a VPN service provider to supply VPN service to a someone who is also a service provider. The latter service provider supplies Internet or VPN service to an end user.