The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
End-to-end virtualization of an enterprise network infrastructure relies upon the following primary components:
Figure 2-1 summarizes the three most common options used to virtualize enterprise Layer 3 (L3) WANs.
Figure 2-1 Transport Options for L3 WAN Virtualization
This guide focuses on Option 1 in Figure 2-1, the enterprise-owned and operated Multiprotocol Label Switching (MPLS) L3VPN model.
The following terminology is used in the MPLS L3VPN architecture:
The PE router must import all client routes served by the associated CE router into the VRF of the PE router associated with that virtual network instance. This enables the MPLS L3VPN to distribute route information to enable route connectivity among branch, data center, and campus locations.
Figure 2-2 shows how the components combine to create an MPLS L3VPN service and support multiple L3VPNs on the physical infrastructure. In the figure, a P router connects two PE routers. The packet flow is from left to right.
Figure 2-2 Figure 2 Major MPLS L3VPN Components and Packet Flow
The PE on the left has three groups, each using its own virtual network. Each PE has three VRFs (red, green and blue); each VRF is for the exclusive use of one group using a virtual infrastructure.
When an IP packet comes to the PE router on the left, the PE appends two labels to the packet. BGP appends the inner (VPN) label and its value is constant as the packet traverses the network. The inner label value identifies the interface on the egress PE out of which the IP packet will be sent. LDP assigns the outer (IGP) label; its value changes as the packet traverses the network to the destination PE.
For more information about MPLS VPN configuration and operation, refer to “Configuring a Basic MPLS VPN” at: