User Manual
Table Of Contents
- Chapter 1 INTRODUTION
- Chapter 2 INSTALLATION
- Chapter 3 Switch Management
- Chapter 4 Basic Switch Configuration
- Chapter 5 File System Operations
- Chapter 6 Cluster Configuration
- Chapter 7 Port Configuration
- Chapter 8 Port Isolation Function Configuration
- Chapter 9 Port Loopback Detection Function Configuration
- Chapter 10 ULDP Function Configuration
- Chapter 11 LLDP Function Operation Configuration
- Chapter 12 Port Channel Configuration
- Chapter 13 Jumbo Configuration
- Chapter 14 EFM OAM Configuration
- Chapter 15 VLAN Configuration
- Chapter 16 MAC Table Configuration
- Chapter 17 MSTP Configuration
- Chapter 18 QoS Configuration
- Chapter 19 Flow-based Redirection
- Chapter 20 Egress QoS Configuration
- Chapter 21 Flexible QinQ Configuration
- Chapter 22 Layer 3 Forward Configuration
- Chapter 23 ARP Scanning Prevention Function Configuration
- Chapter 24 Prevent ARP, ND Spoofing Configuration
- Chapter 25 ARP GUARD Configuration
- Chapter 26 ARP Local Proxy Configuration
- Chapter 27 Gratuitous ARP Configuration
- Chapter 28 Keepalive Gateway Configuration
- Chapter 29 DHCP Configuration
- Chapter 30 DHCPv6 Configuration
- Chapter 31 DHCP option 82 Configuration
- Chapter 32 DHCPv6 option37, 38
- Chapter 33 DHCP Snooping Configuration
- Chapter 34 Routing Protocol Overview
- Chapter 35 Static Route
- Chapter 36 RIP
- Chapter 37 RIPng
- Chapter 38 OSPF
- Chapter 39 OSPFv3
- Chapter 40 BGP
- 40.1 Introduction to BGP
- 40.2 BGP Configuration Task List
- 40.3 Configuration Examples of BGP
- 40.3.1 Examples 1: configure BGP neighbor
- 40.3.2 Examples 2: configure BGP aggregation
- 40.3.3 Examples 3: configure BGP community attributes
- 40.3.4 Examples 4: configure BGP confederation
- 40.3.5 Examples 5: configure BGP route reflector
- 40.3.6 Examples 6: configure MED of BGP
- 40.3.7 Examples 7: example of BGP VPN
- 40.4 BGP Troubleshooting
- Chapter 41 MBGP4+
- Chapter 42 Black Hole Routing Manual
- Chapter 43 GRE Tunnel Configuration
- Chapter 44 ECMP Configuration
- Chapter 45 BFD
- Chapter 46 BGP GR
- Chapter 47 OSPF GR
- Chapter 48 IPv4 Multicast Protocol
- 48.1 IPv4 Multicast Protocol Overview
- 48.2 PIM-DM
- 48.3 PIM-SM
- 48.4 MSDP Configuration
- 48.4.1 Introduction to MSDP
- 48.4.2 Brief Introduction to MSDP Configuration Tasks
- 48.4.3 Configuration of MSDP Basic Function
- 48.4.4 Configuration of MSDP Entities
- 48.4.5 Configuration of Delivery of MSDP Packet
- 48.4.6 Configuration of Parameters of SA-cache
- 48.4.7 MSDP Configuration Examples
- 48.4.8 MSDP Troubleshooting
- 48.5 ANYCAST RP Configuration
- 48.6 PIM-SSM
- 48.7 DVMRP
- 48.8 DCSCM
- 48.9 IGMP
- 48.10 IGMP Snooping
- 48.11 IGMP Proxy Configuration
- Chapter 49 IPv6 Multicast Protocol
- Chapter 50 Multicast VLAN
- Chapter 51 ACL Configuration
- Chapter 52 802.1x Configuration
- 52.1 Introduction to 802.1x
- 52.2 802.1x Configuration Task List
- 52.3 802.1x Application Example
- 52.4 802.1x Troubleshooting
- Chapter 53 The Number Limitation Function of Port, MAC in VLAN and IP Configuration
- 53.1 Introduction to the Number Limitation Function of Port, MAC in VLAN and IP
- 53.2 The Number Limitation Function of Port, MAC in VLAN and IP Configuration Task Sequence
- 53.3 The Number Limitation Function of Port, MAC in VLAN and IP Typical Examples
- 53.4 The Number Limitation Function of Port, MAC in VLAN and IP Troubleshooting Help
- Chapter 54 Operational Configuration of AM Function
- Chapter 55 TACACS+ Configuration
- Chapter 56 RADIUS Configuration
- Chapter 57 SSL Configuration
- Chapter 58 IPv6 Security RA Configuration
- Chapter 59 VLAN-ACL Configuration
- Chapter 60 MAB Configuration
- Chapter 61 PPPoE Intermediate Agent Configuration
- Chapter 62 SAVI Configuration
- Chapter 63 Web Portal Configuration
- Chapter 64 VRRP Configuration
- Chapter 65 IPv6 VRRPv3 Configuration
- Chapter 66 MRPP Configuration
- Chapter 67 ULPP Configuration
- Chapter 68 ULSM Configuration
- Chapter 69 Mirror Configuration
- Chapter 70 RSPAN Configuration
- Chapter 71 sFlow Configuration
- Chapter 72 SNTP Configuration
- Chapter 73 NTP Function Configuration
- Chapter 74 DNSv4/v6 Configuration
- Chapter 75 Summer Time Configuration
- Chapter 76 Monitor and Debug
- Chapter 77 Reload Switch after Specified Time
- Chapter 78 Debugging and Diagnosis for Packets Received and Sent by CPU
- Chapter 79 MPLS Overview
- Chapter 80 LDP
- Chapter 81 MPLS VPN
- Chapter 82 Public Network Access of MPLS VPN
- Chapter 83 SWITCH OPERATION
- Chapter 84 TROUBLE SHOOTING
- Chapter 85 APPENDEX A
- Chapter 86 GLOSSARY
- EC Declaration of Conformity
81-33
If a VPN user wants to provide some site resource of this VPN to outside users, the Extranet Networking
resolution can solve the problem.
In this networking if a VPN needs to access the sharing site, its Export Target should be included in the Import
Target of the sharing site VPN instances, and its Import Target should be included in the Export Target of the
sharing site VPN instances.
In the above figure, site3 of VPN1 can be accessed by VPN1 and VPN2:
PE3 can receive the VPN-IPv4 routes advertised by PE1 and PE2
PE1 and PE2 can receive the VPN-IPv4 routes advertised by PE3
Based on the above two conditions, site1 and site3 of VPN1 can intercommunicate, so do the site2
of VPN2 and site3 of VPN1.
PE3 won’t advertise VPN-IPv4 routes from PE1 to PE2, or advertise the VPN-IPv4 route from PE2 to PE1 (the
routes learnt from an IGBP neighbor won’t be sent to other IBGP neighbors), so site1 of VPN1 and site2 of
VPN2 can’t intercommunicate.
81.1.5 BGP/MPLS VPN Route Advertisement
In basic BGP/MPLS VPN networks, VPN route advertisement concerns CE and PE, since P routers only
maintains routes of the backbone network, and doesn’t need any VPN route information. PE routers only
maintain the VPN route information directly connected to it, not all VPN routes. SO the BGP/MPLS VPN
network is easy to extend.
The VPN route advertisement process includes three parts to create a reachable route from the local CE to
the remote CE, enabling the advertisement of VPN private network route information in the backbone network:
from local CE to ingress PE, from the ingress PE to the egress PE, from egress PE to the remote CE.
The followings are introduction to the three parts:
The route information switch from the local CE to the ingress PE
CE will send the local VPN route to the PE directly connected to it after establishing an adjacency to the latter.
CE can use static routes, RIP, OSPF, IS-IS or EBGP to send routes to PE, all in the form of standard IPv4
routes.
The route information switch from the ingress PE to the egress PE
PE will add RD and VPN target attributes to the VPN routes it learns from CE, then store these VPN-IPv4
routes into the VPN instances created for CE.
The ingress PE will advertise the VPN-IPv4 routes to the egress PE via MP-BGP. The egress PE will
determine whether to add this route into the route table of VPN instance according to the routes’ Export Target
attribute and the import Target of the VPN instances it maintains.
Different PE ensure the intercommunication between them via IGP.
The route information switch between the egress PE to the remote CE
Like the route information switch from the local CE to the ingress PE, there are many available methods for
the remote CE to learn VPN routes the egress PE, including static route, RIP, OSPF, IS-IS and EBGP.
81.1.6 Multi-AS VPN Introduction