Posted by: Sulaiman Syed
Cisco, how mpls vpn works, MPLS, mpls vpn, network, router, routing, service provider, virtual, virtual routing, vpn
When a service provider connects to sites that belong to one customer that uses private address then SP will advertise those routes within his autonomous systems. This could be handled when he is serving one ogranization. What if the SP is connecting 10 customers each with three sites and all of them use network 10.0.0.0! The SP can’t run seperate networks for these customers to connect them. VPN will not work, how the router will know to which other router to associate, (in the case of same IP address assigned to more than one router). In scenarios such these, MPLS VPN is the perfect solution.
MPLS VPN solves this problem by using multiple routing tables, this featured called Virtual Routing and Forwarding (VRF). VRF table will create different routing tables for each customer, and solve the issue of multiple overlapping IP addressed.
Usually, the costumer router will not be aware of any MPLS cloud, or VRF. Costumer router will be called Customer edge (CE). The first Label Switch Router (LSR) and the last one will be called Provider edge (PE). The LSR router that is connected within the SP is called Provider (P). The PE router will be aware of VRF, while the P routers will just forward packets based on labels.
Router P and PE both will run LDP and IGP, IGP will advertise the SP subnets only (no customer prefexes are advertiesed) to enable MPLS unicast IP routing. PE does the extra work of learning costumer routes, keeping track of which routes belong to which customer. PE will not put the routes in normal IP routing table, but stored in per customer tables. PE will use IBGP to exchange these routes with other PE routers.
PE routers will push two labels for each packet. An Outer label that is used to packet to be switched to the egress PE, and an Inner label that is used to correlate the VRF with the packet destenation.
Figure below shows the operation in a simple manner.
MPLS VPN works using three important concepts. They are VRF, Route Distiguishers (Rds), and Route Targets (RT). Further reading required to get more comprehensive view of MPLS VPN.