The MPLS VPN over GRE
feature provides a mechanism for tunneling Multiprotocol Label Switching (MPLS)
packets over a non-MPLS network. This feature utilizes MPLS over generic
routing encapsulation (MPLSoGRE) to encapsulate MPLS packets inside IP tunnels.
The encapsulation of MPLS packets inside IP tunnels creates a virtual
point-to-point link across non-MPLS networks.
L3VPN over GRE
basically means encapsulating L3VPN traffic in GRE header and its outer IPv4
header with tunnel destination and source IP addresses after imposing zero or
more MPLS labels, and transporting it across the tunnel over to the remote
tunnel end point. The incoming packet can be a pure IPv4 packet or an MPLS
packet. If the incoming packet is IPv4, the packet enters the tunnel through a
VRF interface, and if the incoming packet is MPLS, then the packet enters
through an MPLS interface. In the IPv4 case, before encapsulating in the outer
IPv4 and GRE headers, a VPN label corresponding to the VRF prefix and any IGP
label corresponding to the IGP prefix of the GRE tunnel destination is imposed
on the packet. In the case of MPLS, the top IGP label is swapped with any label
corresponding to the GRE tunnel destination address.
GREoMPLS with IP Fast
Reroute (IPFRR) is not supported.
provider-edge-to-provider-edge (PE-to-PE) tunneling configuration provides a
scalable way to connect multiple customer networks across a non-MPLS network.
With this configuration, traffic that is destined to multiple customer networks
is multiplexed through a single GRE tunnel.
nonscalable alternative is to connect each customer network through separate
GRE tunnels (for example, connecting one customer network to each GRE tunnel).
As shown in the
following figure, the PE devices assign VPN routing and forwarding (VRF)
numbers to the customer edge (CE) devices on each side of the non-MPLS network.
The PE devices use
routing protocols such as Border Gateway Protocol (BGP), Open Shortest Path
First (OSPF), or Routing Information Protocol (RIP) to learn about the IP
networks behind the CE devices. The routes to the IP networks behind the CE
devices are stored in the associated CE device's VRF routing table.
The PE device on
one side of the non-MPLS network uses the routing protocols (that operate
within the non-MPLS network) to learn about the PE device on the other side of
the non-MPLS network. The learned routes that are established between the PE
devices are then stored in the main or default routing table.
The opposing PE
device uses BGP to learn about the routes that are associated with the customer
networks that are behind the PE devices. These learned routes are not known to
the non-MPLS network.
figure shows BGP defining a static route to the BGP neighbor (the opposing PE
device) through the GRE tunnel that spans the non-MPLS network. Because routes
that are learned by the BGP neighbor include the GRE tunnel next hop, all
customer network traffic is sent using the GRE tunnel.
Figure 1. PE-to-PE
As shown in the
following figure, the provider-to-provider-edge (P-to-PE) tunneling
configuration provides a way to connect a PE device (P1) to an MPLS segment
(PE-2) across a non-MPLS network. In this configuration, MPLS traffic that is
destined to the other side of the non-MPLS network is sent through a single GRE
Figure 2. P-to-PE
As shown in the
following figure, the provider-to-provider (P-to-P) configuration provides a
method of connecting two MPLS segments (P1 to P2) across a non-MPLS network. In
this configuration, MPLS traffic that is destined to the other side of the
non-MPLS network is sent through a single GRE tunnel.
Figure 3. P-to-P