
MPLS VPN Architecture-3

2020-04-26
Posted by spoto
Category: Cisco

The Solution to the Problem of Conflicts When Routing Is Transmitted in the Network

Why do we need an RD value?

A very straightforward example of this problem is the technology you will encounter in the CCIE exam: if you are not familiar with the principle of the RD value and the RD configuration is deleted by mistake during the exam, you cannot pass the CCIE (EI) LAB exam, because deleting an RD value causes some configurations to be deleted automatically.

After successfully solving the problem of local routing conflicts, the next step is to resolve routing conflicts when routes are passed through the network. Standard BGP can only handle IPv4 routes, so if different VPNs use the same IPv4 address prefix, the routes of the different VPNs cannot be distinguished at the receiving end. Using the RT attribute can partially solve this problem, but it also has certain limitations. Let's analyze how RT solves this problem and where its limitations lie.

■ After the PE receives routes from different VPNs, it decides which VRF each route enters according to the RT attribute, which ensures that the routes of different VPNs are not compared with each other and operation can proceed normally;

■ When a route is withdrawn, the BGP message carries no attributes, so RT cannot work, and the same route would be withdrawn in all VPNs. Therefore, although RT has this function, it cannot be relied on all the time. There must be a tag that can be bound to the IPv4 address to solve this problem fundamentally. We call this tag RD. RD is a mark attached to the front of the IPv4 address, and its format is shown in the figure:

The type field defines two values: 0 and 1. For type 0, the administrator subfield is 2 bytes and the assigned number subfield is 4 bytes. The administrator subfield holds an autonomous system number (ASN), and the assigned number subfield holds a value from the number space managed by the service provider. Type 0 cannot use private autonomous system numbers, which may cause conflicts. If you want to use a private autonomous system, you can use type 1. For type 1, the administrator subfield is 4 bytes and the assigned number subfield is 2 bytes. The administrator subfield holds an IPv4 address, and the assigned number subfield holds a value from the number space managed by the service provider. The structure of RD is similar to that of RT, but the two are essentially different.

RT is an extended attribute of a BGP route, whereas RD is prepended to the IPv4 address and exists as part of the address. This distinction deserves attention. Some characteristics of RD in use are as follows:

■ After an RD is added to an IPv4 address, the result belongs to the VPN-IPv4 address family.

■ In theory, an RD can be configured for each VRF, but this RD must be guaranteed to be globally unique. It is generally recommended to configure the same RD for each VPN.

■ The VPN-IPv4 address is used only inside the service provider's network. It is added when the PE advertises the route, and after the PE receives the route it is placed in the local routing table to be compared with routes received later.

■ The CE does not know that the VPN-IPv4 address is used.

■ When VPN data traffic traverses the provider backbone, the VPN-IPv4 address is not carried in the packet header. RD is used only when the backbone routing protocol exchanges routes.

■ The standard route that the PE receives from the CE is an IPv4 route. If it needs to be advertised to other PE routers, an RD must be added to this route.
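The RD layout and the VPN-IPv4 address described above can be reproduced in a few lines of Python. This is an added example, not code from the original article; the function names, the sample prefixes and the documentation ASN 64500 are assumptions. It encodes type 0 and type 1 RDs as 8 bytes and shows that a withdrawal keyed on RD plus prefix removes only one VPN's route even though both VPNs use the same IPv4 prefix.

```python
import ipaddress
import struct


def encode_rd(rd: str) -> bytes:
    """Encode 'ASN:N' (type 0) or 'A.B.C.D:N' (type 1) as an 8-byte RD."""
    admin, _, number = rd.rpartition(":")
    if "." in admin:
        # Type 1: 4-byte IPv4 administrator, 2-byte assigned number.
        ip = ipaddress.IPv4Address(admin).packed
        return struct.pack("!H4sH", 1, ip, int(number))
    # Type 0: 2-byte ASN administrator, 4-byte assigned number.
    return struct.pack("!HHI", 0, int(admin), int(number))


def decode_rd(raw: bytes) -> str:
    """Turn an 8-byte RD back into its text form."""
    (rd_type,) = struct.unpack("!H", raw[:2])
    if rd_type == 0:
        asn, number = struct.unpack("!HI", raw[2:8])
        return f"{asn}:{number}"
    if rd_type == 1:
        ip, number = struct.unpack("!4sH", raw[2:8])
        return f"{ipaddress.IPv4Address(ip)}:{number}"
    raise ValueError(f"RD type {rd_type} is not covered by the article")


def vpn_ipv4_key(rd: str, prefix: str) -> bytes:
    """8-byte RD + 4-byte IPv4 network address + 1-byte prefix length."""
    net = ipaddress.ip_network(prefix)
    return encode_rd(rd) + net.network_address.packed + bytes([net.prefixlen])


def withdraw_demo() -> dict:
    """Two VPNs announce the same prefix; one of them is withdrawn."""
    table = {
        # Constructed sample routes; 64500 is a documentation ASN.
        vpn_ipv4_key("64500:100", "10.1.0.0/16"): "PE1",
        vpn_ipv4_key("64500:200", "10.1.0.0/16"): "PE2",
    }
    # The withdrawal names only RD + prefix; no RT attribute is needed.
    del table[vpn_ipv4_key("64500:100", "10.1.0.0/16")]
    return {decode_rd(key[:8]): next_hop for key, next_hop in table.items()}


if __name__ == "__main__":
    print(encode_rd("64500:100").hex(), encode_rd("192.0.2.1:7").hex())
    print(withdraw_demo())
```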

Because RD has these characteristics, if the same address exists in two VRFs with different RDs, the two VRFs must not be able to reach each other, either directly or indirectly. This is because a data packet does not carry the RD when it is forwarded, so when the data arrives at the destination, the PE would find route entries to the same destination in different VRFs, resulting in incorrect forwarding. Although RD is carried when PE devices exchange routes, RD does not affect routing between different VRFs or the formation of a VPN. Those are handled by RT.

The difference between RD and RT

Features of RD

In principle, the role of RD is to turn an IPv4 address into a globally unique VPNv4 address. When overlapping IPv4 addresses appear in different VPNs, RD can distinguish them. The format used is usually ASN:N; some RDs are based on an IP address format, such as X.X.X.X:N, but the latter is not commonly used. So as long as the VPN addresses do not overlap, the RD can be chosen arbitrarily. According to the characteristics of the network, we use the ASN:N method, that is, this AS number plus N (N can take any value). It is generally more common to use the same RD within the same VPN.

VPN name      RD
VPN-sale      ASN:100
VPN-finance   ASN:200
VPN-manage    ASN:300

ASN is the AS number.

Features of RT

RT plays a very obvious role in MPLS VPN. It is used to control the isolation and partial interworking of VPNs. The format is the same as RD. Different VPNs are required to define different RT values. If there are interworking requirements, they are controlled by the RT attributes, which are divided into export and import attributes. The export attribute is attached when a VPN route is sent. When another PE device receives this route, the import attribute determines whether the route is accepted and which VPN it is associated with. So for the definition of the VPNs, if the three VPNs do not require interworking, then:

VPN name      Export RT        Import RT
VPN-sale      export=ASN:100   import=ASN:100
VPN-finance   export=ASN:200   import=ASN:200
VPN-manage    export=ASN:300   import=ASN:300
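The export/import matching described above also gives a simple way to check a set of VRF definitions for routes crossing between VPNs that were meant to stay isolated. The following Python sketch is an added example, not code from the original article; the function names, the documentation ASN 64500 standing in for "ASN", and the misconfigured variant are assumptions constructed for illustration.

```python
from itertools import permutations

# Constructed VRF policy mirroring the article's three isolated VPNs,
# with the documentation ASN 64500 standing in for "ASN".
ISOLATED = {
    "VPN-sale":    {"export": {"64500:100"}, "import": {"64500:100"}},
    "VPN-finance": {"export": {"64500:200"}, "import": {"64500:200"}},
    "VPN-manage":  {"export": {"64500:300"}, "import": {"64500:300"}},
}


def importing_vrfs(vrfs: dict, route_rts: set) -> list:
    """VRFs whose import RTs match at least one RT attached to the route."""
    return sorted(name for name, cfg in vrfs.items() if cfg["import"] & route_rts)


def route_flows(vrfs: dict) -> set:
    """(source, destination) pairs where routes exported by one VRF enter another."""
    return {(src, dst) for src, dst in permutations(vrfs, 2)
            if vrfs[src]["export"] & vrfs[dst]["import"]}


def unintended_flows(vrfs: dict, allowed: set) -> set:
    """Flows the RT configuration creates that the intended policy does not list."""
    return route_flows(vrfs) - allowed


def misconfigured() -> dict:
    """Copy of ISOLATED where VPN-manage also imports the finance RT (constructed error)."""
    vrfs = {name: {k: set(v) for k, v in cfg.items()} for name, cfg in ISOLATED.items()}
    vrfs["VPN-manage"]["import"].add("64500:200")
    return vrfs


if __name__ == "__main__":
    print(importing_vrfs(ISOLATED, {"64500:200"}))
    print(unintended_flows(ISOLATED, set()))
    print(unintended_flows(misconfigured(), set()))
```

With the isolated policy no cross-VPN flow exists; a single extra import RT on VPN-manage is enough for finance routes to be installed there, which is what the audit reports.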

 

Conclusion:

In the chapter <mpls vpn architecture-3>, we will talk about the third problem of traditional VPNs: the packet forwarding problem. Even if the routing table conflict is successfully resolved, when the PE receives an IP packet, how can it know which VPN to send it to? The only information available in the IP header is the destination address, and this address may exist in many VPNs.

SPOTO aims to help all candidates prepare for and pass Cisco CCNA, CCNP, CCIE Lab, CISSP, CISA, CISM, PMP, AWS and other IT exams on the first try. Hurry up to contact us!

Related Articles:

1. MPLS VPN Architecture-1

2. MPLS VPN Architecture-2

 
