1 / 20

MPLS VPN Technology

MPLS VPN Technology. Introducing VPNs. Outline. Overview Traditional Router-Based Network Connectivity Advantages of VPNs VPN Terminology What Are the VPN Implementation Models? What Are Overlay VPN Technologies? What Are Peer-to-Peer VPN Technologies? What Are the Benefits of VPNs?

ramla
Télécharger la présentation

MPLS VPN Technology

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. MPLS VPN Technology Introducing VPNs

  2. Outline • Overview • Traditional Router-Based Network Connectivity • Advantages of VPNs • VPN Terminology • What Are the VPN Implementation Models? • What Are Overlay VPN Technologies? • What Are Peer-to-Peer VPN Technologies? • What Are the Benefits of VPNs? • What Are the Drawbacks of VPNs? • Summary

  3. Traditional Router-Based Networks • Traditional router-based networks connect customer sites through routers connected via dedicated point-to-point links.

  4. Virtual Private Networks • VPNs replace dedicated point-to-point links with emulated point-to-point links sharing common infrastructure. • Customers use VPNs primarily to reduce their operational costs.

  5. VPN Terminology

  6. VPN Terminology (Cont.)

  7. VPN Implementation Models • VPN services can be offered based on two major models: • Overlay VPNs, in which the service provider provides virtual point-to-point links between customer sites • Peer-to-peer VPNs, in which the service provider participates in the customer routing

  8. Overlay VPNs: Hub-and-Spoke Topology

  9. Overlay VPNs:Redundant Hub-and-Spoke Topology

  10. Overlay VPNs:Layer 2 Implementation • This is the traditional switched WAN solution: • The service provider establishes Layer 2 virtual circuits between customer sites. • The customer is responsible for all higher layers.

  11. Overlay VPNs:IP Tunneling • VPN is implemented with IP-over-IP tunnels: • Tunnels are established with GRE or IPsec. • GRE is simpler (and quicker); IPsec provides authentication and security.

  12. Overlay VPNs:Layer 2 Forwarding • VPN is implemented with PPP-over-IP tunnels. • VPN is usually used in access environments (dialup, digital subscriber line).

  13. The service provider infrastructure appears as point-to-point links to customer routes. Routing protocols run directly between customer routers. The service provider does not see customer routes and is responsible only for providing point-to-point transport of customer data. Overlay VPNs:Layer 3 Routing

  14. Peer-to-Peer VPNs:Implementation Techniques

  15. Peer-to-Peer VPNs:Packet Filters

  16. Peer-to-Peer VPNs:Controlled Route Distribution

  17. Benefits of VPN Implementations • Overlay VPN: • Well-known and easy to implement • Service provider does not participate in customer routing • Customer network and service provider network are well-isolated • Peer-to-peer VPN: • Guarantees optimum routing between customer sites • Easier to provision an additional VPN • Only sites provisioned, not links between them

  18. Drawbacks of VPN Implementations • Overlay VPN: • Implementing optimum routing requires a full mesh of virtual circuits. • Virtual circuits have to be provisioned manually. • Bandwidth must be provisioned on a site-to-site basis. • Overlay VPNs always incur encapsulation overhead. • Peer-to-peer VPN: • The service provider participates in customer routing. • The service provider becomes responsible for customer convergence. • PE routers carry all routes from all customers. • The service provider needs detailed IP routing knowledge.

  19. Summary • Traditional router-based networks connect via dedicated point-to-point links. • VPNs use emulated point-to-point links sharing a common infrastructure. • The two major VPN models are overlay VPN and peer-to-peer VPN. • Overlay VPNs use well-known technologies and are easy to implement. • Overlay VPN virtual circuits must be provisioned manually. • Peer-to-peer VPNs guarantee optimum routing between customer sites. • Peer-to-peer VPNs require that the service provider participate in customer routing.

More Related