2.1 Introduction to MCE
MCE isolates different services or users by using the route multi-instance on the CE.
2.1.1 MCE Overview
MCE isolates different services or users by using the route multi-instance on the CE.
Background
With increasing diversification of user services and higher requirements on the security, multiple
VPNs are required in a private network in most cases and services of different VPNs need to be
isolated. In this case, using a CE for each VPN increases the device expenditure and maintenance
cost; the security of data cannot be ensured if multiple VPNs share a CE and a route forwarding
table.
As shown in Figure 2-1, MCE can effectively solve issues of security of the data and network
costs in a VPN. MCE isolates services of different VPNs by binding VLANIF interfaces to
VPNs, and creating and maintaining an independent multi-VRF table for each VPN.
Figure 2-1 Typical MCE networking diagram
CE
MCE
Service
provider's
backbone
CE
VPN 1
Site
Site
Site
Site
VPN 1
VPN 2
PE
PE
PE
P
P
P
P
VPN 2
Basic Concepts
l CE
An edge device that is located in a user network. A CE provides interfaces that are directly
connected to the Service Provider (SP) network. A CE can be a router, a switch, or a host.
In most situations, a CE neither senses a VPN nor supports MPLS.
l MCE
A CE configured with MCE functions. An MCE can connect to multiple VPNs whose
services are isolated completely.
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN 2 MCE Configuration
Issue 01 (2012-04-20) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
42
To Next Page
Loading...
