l The backbone network is an MPLS network, in which the devices at the backbone layer
are fully connected and data is backed up on multiple layers. The devices at the backbone
layer are connected through high-speed interfaces. If the number of PEs is great, use the
BGP route reflector to reflect VPNv4 routes to decrease the number of MP IBGP
connections.
l The convergence layer is of either a mesh topology or a ring topology.
When a PE is faulty, the S9300 adopts the VPN fast rerouting (FRR) technology.
You can configure the IP FRR to ensure that VPN traffic can rapidly switch to another link
between the PE and the CE when two CEs in a site access the same PE, and when a link between
the PE and the CE fails.
For the configuration of the VPN FRR, see "Configuring IP FRR on a Private Network" in
the S9300 Configuration Guide - IP Routing.
3.3 Configuring a VPN Instance
This section describes how to configure the VPN instance.
3.3.1 Establishing the Configuration Task
3.3.2 Creating a VPN Instance
3.3.3 Configuring the Attributes of a VPN Instance
3.3.4 (Optional) Applying a Tunnel Policy to a VPN Instance
3.3.5 (Optional) Allocating MPLS Labels Based on VPN Instances
3.3.6 Checking the Configuration
3.3.1 Establishing the Configuration Task
Applicable Environment
On the BGP/MPLS IP VPN, each VPN is an instance. Each VPN creates a forwarding instance,
that is, VPN instance. A VPN instance is also called VPN routing and forwarding (VRF) table.
RFC 2547 (BGP/MPLS VPNs) specifies that a VPN instance is a per-site forwarding table.
A VPN instance separates the VPN routes from the public network routes. The routes of different
VPN instances are separated from each other. The VPN instance is required by all the BGP/
MPLS IP VPN solutions.
The VPN instances use RDs to separate address spaces and use VPN targets to control the VPN
member relations and routing rules of the directly connected sites.
When controlling the transmitting and receiving of VPN routes with the VPN target, the
S9300 controls the VPN routes accurately and uses the routing policy on the inbound packets
and outbound packets. By using routing policy applied to the inbound packets, the S9300 filters
the routes to be imported to the VPN instance according to the VPN targets. By using the routing
policy applied to the outbound packets, the S9300 filters the routes to be advertised to other PEs.
Pre-configuration Tasks
Before configuring a VPN instance, complete the following tasks:
Quidway S9300 Terabit Routing Switch
Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration
Issue 03 (2009-08-20) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
3-5
To Next Page
Loading...
