Manualshelf

R3303-HP HSR6800 Routers MPLS Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR6804 Router Chassis
251252253254255256257258259260
251
Layer 1 labels—Outer labels, used for label switching inside the backbone. They indicate LSPs from
the local PEs to the remote PEs. Based on Layer 1 labels, VPN packets can be label switched along
the LSPs to the remote PEs.
Layer 2 labels—Inner labels, used for forwarding packets from the remote PEs to the CEs. An inner
label indicates to which site, or more precisely, to which CE the packet should be sent. A PE finds
the interface for forwarding a packet according to the inner label.
If two CEs belong to the same VPN and are connected to the same PE, each CE only needs to know how
to reach the other CE.
Figure 67 VPN packet forwarding
A VPN packet is forwarded in the following way:
1. Site 1 sends an IP packet with the destination address of 1.1.1.2. CE 1 transmits the packet to PE
1.
2. PE 1 searches VPN instance entries based on the inbound interface and destination address of the
packet. Once finding a matching entry, PE 1 labels the packet with both inner and outer labels and
forwards the packet out.
3. The MPLS backbone transmits the packet to PE 2 by outer label. The outer label is removed from
the packet at the penultimate hop.
4. PE 2 searches VPN instance entries according to the inner label and destination address of the
packet to determine the outbound interface and then forwards the packet out of the interface to CE
2.
5. CE 2 transmits the packet to the destination by IP forwarding.
MPLS L3VPN networking schemes
In MPLS L3VPNs, route target attributes are used to control the advertisement and reception of VPN
routes between sites. They work independently and can be configured with multiple values to support
flexible VPN access control and implement multiple types of VPN networking schemes.
Basic VPN networking scheme
In the simplest case, all users in a VPN form a closed user group. They can forward traffic to each other
but cannot communicate with any user outside the VPN.
For the basic VPN networking scheme, you must assign a route target to each VPN for identifying the
export target attribute and import target attribute of the VPN. Moreover, this route target cannot be used
by any other VPNs.
CE 1Site 1
PE 1
PP
PE 2
CE 2
Site 2
2.1.1.1/24
1.1.1.2/24
1.1.1.2
1.1.1.2
Layer2
Layer1
1.1.1.2
Layer2
1.1.1.2