HP MSR2000/3000/4000 Router Series MPLS Configuration Guide
123
Figure 47 Application of BGP AS number substitution
In Figure 47, both Site and Site 2 use the AS number 800. AS number substitution is enabled on PE 2 for
CE 2. Before advertising updates received from CE 1 to CE 2, PE 2 substitutes its own AS number 100
for the AS number 800. In this way, CE 2 can correctly receive the routing information from CE 1.
However, the AS number substitution function also introduces a routing loop in Site 2 because route
updates originated from CE 3 can be advertised back to Site 2 through PE 2 and CE 2. To remove the
routing loop, you can configure a routing policy on PE 2 to add the SoO attribute to route updates
received from CE 2 and CE 3 so that PE 2 does not advertise route updates from CE 3 to CE 2.
Multi-VPN-instance CE
BGP/MPLS VPN transmits private network data through MPLS tunnels over the public network. However,
the traditional MPLS L3VPN architecture requires that each VPN instance use an exclusive CE to connect
to a PE, as shown in Figure 30.
A pr
ivate network is usually divided into multiple VPNs to isolate services. To meet these requirements,
you can configure a CE for each VPN, which increases device expense and maintenance costs. Or, you
can configure multiple VPNs to use the same CE and the same routing table, which sacrifices data
security.
You can use the Multi-VPN-Instance CE (MCE) function in multi-VPN networks. MCE allows you to bind
each VPN to a VLAN interface. The MCE creates and maintains a separate routing table for each VPN.
This separates the forwarding paths of packets of different VPNs and, in conjunction with the PE, can
correctly advertise the routes of each VPN to the peer PE, ensuring the normal transmission of VPN
packets over the public network.
MPLS backbone
VPNv4_Update: 10.1.0.0/16
RD: 100:1
AS_PATH: 800
EBGP_Update: 10.1.0.0/16
AS_PATH: 100, 100
PE 1 PE 2
CE 3
AS 800
Site 2
EBGP_Update: 10.1.0.0/16
AS_PATH: 800
AS 800
Site 1
AS 100
CE 1
CE 2