User Manual

461
Users Manual of XGS-6350-24X4C
Chapter 48. Multi-VRF CE Configuration
Multi-VRF CE Introduction
48.1
48.1.1 Overview
The Virtual Private Network (VPN) provides a secure method for multiple client networks to share the
ISP-supplied bandwidth. In general, one VPN comprises a team of client networks that share a public routing
table on the ISP's routers. Each client network is connected to the interface of the network devices of ISP,
while ISP's device will relate each interface to a VPN routing table. One VPN routing table is also called as a
VRF (VPN Routing /Forwarding table).
VRF is usually deployed on a Provider Edge (PE) device, such as MPLS VRF VPN. A PE supports multiple
VPNs, and each VPN has its independent IP address space among which IP addresses can be overlapped.
The VPN of a different client connects a different interface of PE, while PE differentiates the to-be-checked
routing tables according to the incoming port of the packet.
Multi-VRF CE is to remove the task of connecting multiple client networks from PE to CE, which only requires
a physical link to connect CE and PE. In this way, the port resource of PE is saved. CE also maintains the
VRF routing table for each VPN. The packets from the client network are first forwarded on CE and then
transmitted to PE after the packets pass through the ISP network.
The switch which serves as MCE connects different client networks through different ports and then relates
these ports to a VPN routing table. The switch only supports VRF settings on the VLAN port.
The MCE function is usually deployed at the edge of the large-scale MPLS-VRF VPN network. The three
functions, Multi-VRF CE, MPLS label switching and the function of MPLS control layer, are independent.
Figure 1.1 shows an MPLS-VRF VPN network.
VPN2
Site 2
VPN1
Site 2
MPLS
Backbone
VPN2
Site 1
VPN1
Site 1
MCE
Switch
PE PE
MCE
Switch
Figure 1.1 MCE in the MPLS-VRF VPN network
48.1.1.1 Establishing Routes with CE
The Multi-VRF CE switch can establish routes with CE through multiple dynamic routing protocols. CE can be
routers or the Ethernet switches. The routing protocols which are supported include OSPF, RIP and BEIGRP.
The MCE switch also supports static routing configuration.
The MCE switch generally needs different VLAN ports to connect CEs that belong to different VPNs. The
VLAN ports that are used to connect the VPNs require to be related to a VRF. CE does not need to support