Information Technology Reference
In-Depth Information
BGP Confederations and MPLS VPN
So far the discussion on MPLS VPN across AS borders has centered on the use of multi-
protocol eBGP. BGP confederation presents a similar situation, because the session between
member autonomous systems is confederation eBGP, as discussed in Chapter 7. When
MPLS VPN is used within a BGP confederation, two scenarios are possible, as described
in the following list, depending on whether the BGP next hop is reset:
•
When a single IGP is used, the BGP next hop is reachable across the confederation
via the IGP. An end-to-end LSP using LDP can be maintained across member AS
boundaries. There is no change to the regular VPN scenario.
•
If each member AS uses its own IGP, the BGP next hop is reset at the member AS
boundary. This is similar to the case of inter-AS VPN. When crossing member
AS boundaries, the same inter-AS configuration options are available, as discussed
earlier.
Figure 10-30 shows a scenario in which each member AS uses its own IGP, and the BGP
next hop is reset at member AS borders. The BGP next hop is set to self for VPNv4 sessions
between the two ASBRs. When the VPNv4 prefix is advertised from ASBR2 to ASBR1, the
BGP next hop is thus ASBR2. A new VPN label, Lv2, is assigned.
Figure 10-30
MPLS VPN Within a Confederation
65002:200:172.16.0.0/16
NH=ASBR1, RT=65002:1
VPNv4 Label=Lv3
65002:200:172.16.0.0/16
NH=PE2, RT=65002:1
VPNv4 Label=Lv1
Confederation 100
192.168.100.5/32
IGP NH=ASBR1
IGP Label=L2
192.168.100.4/32
IGP NH=PE2
IGP Label=L1
PE1
PE2
ASBR1
ASBR2
AS 65002
AS 65001
65002:200:172.16.0.0/16
NH=ASBR2, RT=65002:1
VPNv4 Label=Lv2
172.16.0.0/16
NH=CE2
172.16.0.0/16
NH=PE1
VPNa
Site1
VPNa
Site2
CE1
CE2
