Figure 1. Chassis as MPLS-CE Connected to PE
The system in this
scenario uses static/dynamic MPLS labels for ingress and egress traffic. For
configuration information on static label, refer to the
Configuring BGP/MPLS VPN with Static Labels
section and refer to
Configuring BGP/MPLS VPN with Static Labels
for dynamic label configuration.
The system is in a
separate autonomous system (AS) from the Provider Edge (PE). It communicates
with the PE and all VPN routes are exchanged over MP-BGP. Routes belonging to
different VPNs are logically separated, using separate virtual route forwarding
tables (VRFs).
Routes for each VPN
are advertised as VPN-IPv4 routes, where route distinguishers are prepended to
regular IPv4 routes to allow them to be unique within the routing table. Route
targets added to the BGP extended community attributes identify different VPN
address spaces. The particular upstream BGP peer routing domain (VPN), from
which a route is to be imported by the downstream peer into an appropriate VRF,
is identified with an extended community in the advertised NLRI.
A unique label is
also received or advertised for every VPN route.
The Customer Edge
(CE) also advertises routes to the PE using NLRIs that include route
distinguishers to differentiate VPNs, an extended community to identify VRFs,
and a MPLS-label, which will later be used to forward data traffic.
There is a single
MPLS-capable link between the CE and the PE. MP-BGP communicates across this
link as a TCP session over IP. Data packets are sent bidirectionally as MPLS
encapsulated packets.
This solution does
not use any MPLS protocols. The MPLS label corresponding to the immediate
upstream neighbor can be statically configured on the downstream router, and
similarly in the reverse direction.
When forwarding
subscriber packets in the upstream direction to the PE, the CE encapsulates
packets with MPLS headers that identify the upstream VRF (the label sent with
the NLRI) and the immediate next hop. When the PE receives a packet it swaps
the label and forward.
The CE does not run
any MPLS protocol (LDP or RSVP-TE).
When receiving data
packets in the downstream direction from the PE, the label is checked to
identify the destination VRF. Then the packet is de-encapsulated into an IP
packet and sent to the session subsystem for processing.
Important:
MPLS ping/trace
route debugging facilities are not supported.