Section 8 Basic Services: Do Not Delete This Graphic Elements in Here

Do not delete this graphic elements in here:
85
Section 8
Basic Services
Module 5
VPRN Configuration
TOS36013-0807 Issue 1.0
5620 SAM
5620 SAM (Service Aware Manager) R7.0 Operator
TOS36010 Issue 1.0
All Rights Reserved Alcatel-Lucent 2009

TOS36013-0807 Issue 1.0
Section 8 Module 5 Page 1
Document History
Switch to notes view!
852 All Rights Reserved Alcatel-Lucent 2009

Basic Services VPRN Configuration
5620 SAM 5620 SAM (Service Aware Manager) R7.0 Operator
This page is left blank intentionally
Document History
Edition Date Author Remarks
01 2009-08-14 GARCIA LOZANO, Ren First edition

TOS36013-0807 Issue 1.0
Module Objectives
Upon completion of this module, you will be able to:
Describe the operation and benefits of a VPRN service

List VPRN features, functions, components and topologies
Describe VPRN configuration on the Service Router using the SAM


TOS36013-0807 Issue 1.0
Virtual Private Routed Network
VPRN is a class of VPN that allows the connection of multiple sites in

a routed domain over a provider managed IP/MPLS network
MP-IBGP Route CE B
Exchange
RI-1
For all Services
RI-2 PE B
RI-1 PE A PE C CE C
RI-2
CE A IP / MPLS RI-1
Network VPRN Service
RI-2
Red
VPRN Service
PE D Green
RI-1
RI-2
CE D As of R4.0, inter-AS VPRNs are supported.
In Feb. 2006, Internet Draft RFC2547bis was moved to standard status, as RFC 4364.

A Virtual Private Routed Network (VPRN) service allows service providers to use their IP backbone to
provide a Layer 3 VPN service to their customers. VPRNs are also known as BGP/MPLS VPNs because
BGP is used to distribute VPN routing information across the provider's backbone and MPLS is used
to forward VPN traffic from one VPN site to another.
From the customers perspective it looks as if all sites are connected to a routed domain
Service provider can reuse the IP/MPLS infrastructure to offer multiple services
Each VPRN appears like an additional routing instance, routes for a service between the various
PEs are exchanged using MP-BGP
Customer data is encapsulated using MPLS or GRE encapsulation
Each CE router becomes a peer of the PE router that it is directly connected to, not a peer to the
other CE routers. A CE router provides the PE router with route information for the private
customer network. Each associated PE router maintains a separate IP forwarding table for each
VPRN. Additionally, the PE routers exchange the routing information configured or learned from
all customer sites via MP-BGP peering. Each route exchanged via the MP-BGP protocol includes a
Route Distinguisher (RD), which makes the router unique and a Route Target, which identifies the
VPRN association.
MPLS handles the forwarding between the PE routers. This means that the routers in the core of the
network need not know about the routes connecting the private networks. A VPRN service uses a
two-level label stack the ingress PE router pushes both an inner VC label and an outer tunnel
label onto a packet. After reaching the egress PE router via one or more MPLS Label Switched
Paths (LSPs), the PE router pops the MPLS headers and delivers a normal IP packet to the
customer.

TOS36013-0807 Issue 1.0
VPRN Features
Consistent QoS model used across all VPN services

Highly scalable implementation
Per VPN controls to limit route table growth
Consistent service and feature support over IP or MPLS
backbone
PE-CE routing support
Comprehensive set of OA&M tools
Statistics, billing and accounting data

Highly scalable:
VPN routing and forwarding (VRF) tables
Total routes
BGP Peerings
IP Interfaces
PE-CE routing supports:
Static Routes
BGP
RIP
OSPF
Statistics, billing and accounting data:
Per IP-VPN (VPRN)
Current routes
Current routes per protocol source (Static, Local, BGP (PE-CE or Network), OSPF
Maximum number of routes (high watermark)
Per IP-VPN Interface:
Packets (In/Out)
Bytes (In/Out)
Errors In/Out

TOS36013-0807 Issue 1.0
VPRN Architecture and Components
Tunneling Mechanisms:
RSVP-TE
LDP CE
PE PE
GRE
CE
CE
CE Customer 1
VPN
CE
PE
Customer 2
PE
VPN CE
CE
Core Network
CE CE
CE to PE Routing:
BGP
RIP VPN Instance #1 VRF for Customer 1 VPRN
Static VPN Instance #2 VRF for Customer 2 VPRN
OSPF
In a Virtual Private Routed Network (VPRN) the service provider network distributes its customers routing
information using MP-BGP and forwards their data packets using MPLS or GRE tunnels.
The routers in the service providers network perform one of two possible roles:
Provider (P) routers in the core. These routers simply support the switching of LSPs. They do not have any
knowledge of the existence of the VPRNs.
Provider Edge (PE) routers at the edge of the service providers network. These devices provide the MPLS
signaling and forwarding and partitioned IP routing and forwarding capabilities to partition customer data
flows received from or destined to the various customer sites.
The routers in the customers network which connect to the PEs are known as CE (Customer Edge) devices and
are simple IP routers that forward and receive IP packets and distribute routing information using standard
IP routing protocols or configured static routes and
are VPRN unaware. The architecture of the VPRN service is shown on the above diagram.
The components of a VPRN VPN are:

1. MP-BGP sessions between PEs to distribute customer routes across the service providers backbone.
2. Virtual Routing and Forwarding (VRF) tables on PEs specifying the import and export rules for customer
routes advertised between PEs.
3. Configured or learned VPRN routes from the customer sites.
4. MPLS or GRE tunnels between PEs for transporting customers traffic across the service providers
backbone.

TOS36013-0807 Issue 1.0
VPRN Functions
Learning
SwitchRoutes from
to notes Local CEs
view!
A PE learns the routes from a CE through static routes or a dynamic routing protocol such as BGP. Locally
reachable IPv4 addresses as well as remote routes learned from other PEs are stored in the appropriate VRF.
Distributing Routes
The PEs establish MP-BGP sessions with each other to distribute the routes they have learned from locally
connected CEs. The PEs maintain one or more VRF for each VPRN it is involved with, depending on the VPN
topology (mesh or hub and spoke, intranet or extranet).
Ensuring Unique Customer Routes

Because different customers may use the same IP addresses within their respective networks, a method is
need to ensure that they remain unique when they are distributed across the service provider network. This
is achieved by pre-pending the 4-byte IPv4 address with an 8-byte Route Distinguisher to form a new
address called the VPN-IPv4 address. A distinct RD value can be associated with individual routes or with
all routes learned from a particular CE.
Populating Routes Into VRFs

When a PE receives routes from another PE via their MP-BGP session it adds the learned routes into the
appropriate VRFs based on the route targets configured in each VRF, and contained in the route
advertisement. An export route target is included in the route advertisement. If it matches the import
route target configured in a VRF, those routes are populated into the VRF.
Forwarding Data Among Customer Sites

857

The PEs forward customer traffic across the service providers network via GRE or LSP tunnels (outer label).
LSPs can be established using LDP or RSVP-TE signaling.
When the destination PE receives a data packet it determines the appropriate VRF to use to forward the
packet onward to the correct CE based on the inner label associated to a given VRF. The inner label is
allocated by the local PE and advertised to the peer PE as part of a VPN-IPv4 route update.

TOS36013-0807 Issue 1.0
Transport Tunnels
Each PE involved in a given VPRN service must be configured with a tunnel to every other PE participating in
the same VPRN service to transport a customers VPN traffic from one site to another.
The tunnel is created either through the configuration of a SDP or using the auto-bind option when creating a
VPRN service instance. For VPRN services, SDP tunnels can be created using MPLS with RSVP-TE or GRE
encapsulation. The auto-bind method for creating tunnels can be used with LDP or GRE.
If SDP tunnels are used, they must be created prior to the creation of the VPRN services. The configuration of
a SDP includes specifying the far-end PE and the type of encapsulation used, GRE or MPLS with RSVP-TE.
When RSVP-TE signaling is used, the outer LSP tunnels must be explicitly configured in addition to the
creation of the SDPs. When the outer tunnels are created using auto-bind with LDP there is no need to
explicitly configure the LSP tunnels. It is only necessary to enable LDP signaling on the appropriate
interfaces and once the MP-BGP sessions have been established, the LSP is automatically established.
Similarly, outer tunnels created using auto-bind with GRE do not require any preliminary configuration the
VPRN service only needs to be auto-bound to GRE.
When the auto-bind option is used traffic from all VPRN services (configured with the auto-bind option)
traverse the same LSPs. In this case it is not possible to have alternate tunneling mechanisms (like GRE) or
the ability to configure sets of LSP's with bandwidth reservations for specific customers as is available with
explicit SDPs for the service. If LSPs with reserved bandwidth are needed then SDPs with RSVP-TE signaling
should be used for the outer tunnels.
If distinct tunnels per VPRN service are desired, then SDPs with GRE or RSVP-TE signaling should be used so
that VPRN instances can be explicitly bound to specific SDPs.


TOS36013-0807 Issue 1.0
Transport Tunnels and Service Binding
Outer Label
Each PE in the VPRN connected by a tunnel
Tunnels created by:
Creating an SDP (RSVP-TE or GRE)
Auto-bind (LDP or GRE)
Tunnel binding depends on the tunnel signaling protocol:

LDP signaled LSP tunnels
GRE tunnels
RSVP-TE signaled tunnels

Each PE involved in a given VPRN service must be configured with a tunnel to every other PE participating in
the same VPRN service to transport a customers VPN traffic from one site to another.
The tunnel is created either through the configuration of a SDP or using the auto-bind option when creating a
VPRN service instance. For VPRN services, SDP tunnels can be created using MPLS with RSVP-TE or GRE
encapsulation. The auto-bind method for creating tunnels can be used with LDP or GRE.
If SDP tunnels are used, they must be created prior to the creation of the VPRN services. The configuration of
a SDP includes specifying the far-end PE and the type of encapsulation used, GRE or MPLS with RSVP-TE.
When RSVP-TE signaling is used, the outer LSP tunnels must be explicitly configured in addition to the
creation of the SDPs. When the outer tunnels are created using auto-bind with LDP there is no need to
explicitly configure the LSP tunnels. It is only necessary to enable LDP signaling on the appropriate
interfaces and once the MP-BGP sessions have been established, the LSP is automatically established.
Similarly, outer tunnels created using auto-bind with GRE do not require any preliminary configuration the
VPRN service only needs to be auto-bound to GRE.
When the auto-bind option is used traffic from all VPRN services (configured with the auto-bind option)
traverse the same LSPs. In this case it is not possible to have alternate tunneling mechanisms (like GRE) or
the ability to configure sets of LSP's with bandwidth reservations for specific customers as is available with
explicit SDPs for the service. If LSPs with reserved bandwidth are needed then SDPs with RSVP-TE signaling
should be used for the outer tunnels.
If distinct tunnels per VPRN service are desired, then SDPs with GRE or RSVP-TE signaling should be used so
that VPRN instances can be explicitly bound to specific SDPs.

TOS36013-0807 Issue 1.0
PE to CE Route Distribution
Static Routes
All routes to be advertised by the CE to other CEs belonging to the VPRN are configured as static routes in the
VPRN service instance.
eBGP Routing
eBGP is configured between the PE and each attached CE belonging to the same VPRN in the VPRN service
instance.
The explicit configuration of the autonomous system number and router-id is optional. If omitted, these
values simply inherit the routers global AS number and router-id. The local address is also an optional
parameter. When it is not specified, it inherits the system IP address when communicating with IBGP peers
and the interface address for directly connected eBGP peers.
If no import route policy is specified, then all BGP routes advertised by the CE are accepted by the PE.
An export policy is needed for the PE to advertise the routes learned from other PE sites in the VPRN instance
via MP-BGP to the CE router via eBGP.
RIP Routing
When RIP is used as the PE-CE routing protocol, a RIP instance must be enabled on the PE router in the router
context. Subsequently RIP can be configured on the PE-CE interface during the configuration of the VPRN
service. RIP is configured between the PE and each attached CE belonging to the same VPN in the VPRN
service
8 5 10instance. All Rights Reserved Alcatel-Lucent 2009
By default RIP
5620 SAM 5620 doesAware
SAM (Service notManager)
export routes it has learned to its neighbors. Therefore it is necessary to configure an
R7.0 Operator
export policy to enable MP-BGP routes learned from remote CEs belonging to the VPN, to be redistributed
into RIP and to the local CE.
OSPF Routing
As of R4.0 of the 7X50 routers, OSPF can be used at the PE-CE routing protocol. This provides a way for a
network to continue using a single protocol as it is migrated to an IP-VPN backbone.
OSPF LSA information is not transmitted natively across the IP-VPN. The OSPF routes are imported into MP-
BGP as AS externals. As a result, other OSPF-attached VPRN sites on remote PEs will receive these via type
5 LSA. This process is not automatic and requires the configuration of (existing) Route Policies.
Stub areas, OSPF-TE and sham links are not currently supported.

TOS36013-0807 Issue 1.0
Configuration Workflow - VPRN
Configure
Configure BGP
BGP Configure an BGP mesh among participating sites
Create
Create aa
Create a Customer
Customer
Customer
Create Specify Service Type

Create Service
Service Specify Service Sites
Add a Layer 3 Access Interface to each site

Create
Create SAPs
SAPs Configure Access ports
Specify MTU
Assign Encapsulation value
Service Topology View

Manage
Manage Service
Service Properties
8 5 11 All Rights Reserved Alcatel-Lucent 2009

VPRN Configuration Workflow

The workflow illustrated above describes the steps for a network administrator or operator to
configure a Virtual Private LAN Service.
BGP Network Configuration

Configure BGP for VPRN connectivity
Customer - must be assigned to the service. Though the service can have only one Customer,
that customer may be assigned to more than one service.
Create Service - specify the service type (VPRN) and add the appropriate service sites.
Create Service Access Points Add a Layer 3 Access Interface to each site. Configure the port
Mode for Access, define the Encapsulation Type, specify the Encapsulation ID (as required) and
specify the service MTU size.
Bind Service Tunnels to create the SDPs. It is possible to use Auto-Bind, when using LDP, or
manually assign Spoke SDPs, if RSVP is to be used for tunnel transport.
Manage Service through the Properties window and/ or by using the Service Topology View.

TOS36013-0807 Issue 1.0
BGP Configuration - Configure BGP AS
1. Select the Routing Instance-1
2. Select Properties 3. Select Routing
4. Enter the AS Number as 100
5. Select Protocols
6. Verify that BGP is enabled

The following steps will cover the configuration of an iBGP mesh, which will be used for the
advertisement of VPRN routes from each customers VRFs.
An BGP mesh will be required among all participating sites in the VPRN service.
Configure BGP AS
Select the the Routing view in the tree window
Select each Router in turn where a VPRN site is required
Select the Routing instance-1 and then Properties.
Select the Routing tab, and enter the Autonomous System Number; 100 is used here as an
example.
Leave all other entries as the defaults.
Enable BGP
On the Protocols tab
Check that BGP is enabled; if not, select the BGP Enabled check box, select OK or Apply.

TOS36013-0807 Issue 1.0
Configure BGP AS
1. Select the BGP Routing Instance

2. Select Properties
3.Verify the Site ID is the

System Interface Address

Select the BGP routing instance for your router from the Navigation Tree Routing view, right
click and select Properties.
In the General tab, verify the Site ID is the system interface IP address.

TOS36013-0807 Issue 1.0
Configure BGP AS [Cont.]
1. Select the AS Properties tab

2. Verify the AS number is 100
3.In the VPN tab, enable Family:

VPN-IPVN4 and IPv4

Select the AS properties tab, and verify that the AS number is 100; 100 is used here as an
example.
In the VPN tab, enable Family: VPN-IPV4 and IPv4.
It is essential that you enable the VPN-IPV4 family as this is required to carry VPRN routes. Click
Apply or OK.

TOS36013-0807 Issue 1.0
Create Peer Group
1. Select the Group tab

2. Select Add
3. Specify the Name.
4. Select the AS Properties tab

5. Set the Peer AS to 100
6. Select OK, OK, Apply and Yes

Select the Group tab. Select Add. Specify the Name. Click Apply and OK.
Select the AS Properties tab and set the Peer AS to 100. Other parameters will be inherited
from the global configuration. Select OK, OK, Apply and Yes.

TOS36013-0807 Issue 1.0
Create BGP Peers
1. Select the Peer tab

2. Select Add
3.Enter the System ID for the other router

4.In the General tab, choose Select under
the Routing Instance group

Select the Peer tab, and create a BGP peer to one of the PE routers.
Select Add, and enter the system ID for the other router in the Peer Address field.
Under Routing Instance Group: choose Select.

TOS36013-0807 Issue 1.0
Create BGP Peers [Cont.]
1. Select the Peer Group from the list

2. Click OK, OK, Apply and Yes
3. Click Close or Cancel

Select the peer group from the list.

Click OK, OK, Apply and Yes. Click Close or Cancel.

TOS36013-0807 Issue 1.0
Verify BGP Configuration
1. Double click on a Peer
2. Ensure the connection state is Established

Repeat the steps on the previous two pages for all PE routers in your network.
Your peering relationships will be up when all objects and aggregated alarms have cleared.
Double click on each peer and check that the connection state is Established.

TOS36013-0807 Issue 1.0
Configure a Customer
1.Select ManageCustomers
2.Select
Create
3.Define the
Customer
Attributes

Services must be associated with a customer. Though a service may only have one customer, that
customer may have more than one associated to them.
To create a Customer using the 5620 SAM, the network administrator or operator will use the
following sequence:
From the Main Menu, select Manage Customers
In the new window, click on the Create button
Complete the customers details as provided in the configuration window
Click on the OK button.
To verify that the customer was created, or edit any detail:

Select Manage Customers from the Main Menu
Click on the Search button
Double-click on the appropriate entry or, select the appropriate customer and click on the Edit
button.
Review or modify the details, as required.
Click OK or Apply to save the changes or Cancel to disregard any modifications and close the
window.

TOS36013-0807 Issue 1.0
Configure Access Port

Configure Access Port

As discussed, a service requires a port facing the customer edge to be configured for Access and an
Encapsulation type specified. To configure a port:
Navigate to the Equipment view in the Navigation Tree

Expand the tree and select the appropriate port or ports. It is possible to configure multiple
ports at the same time by through the Shift Click or Ctrl Click method.
Right-click and select Properties from the contextual menu
From the Mode drop-down menu, select Access
From the Encapsulation Type drop-down menu, select the appropriate encapsulation type
Set the port MTU. Remember that the port MTU must be set to a value set to support the
largest service MTU to be supported on that port.
Select OK to complete the configuration.

TOS36013-0807 Issue 1.0
Create a VPRN
2.Choose Select
1. Select CreateService VPRN
3.Select the Customer Service Name
Description (optional)

To create a service, select the service type and assign the managed devices upon which the
service will terminate, referred to as the Service Sites.
To create a VPRN:
Select Create Service VPRN from the Main Menu
Click the Select button in the Customer block
Select a customer from the list that appears and click the OK button
Complete the remaining parameters, as required. Though optional, providing a service name and
relevant description will enable the network administrator or operator to find the service using the
Search filter.
Click Apply

TOS36013-0807 Issue 1.0
Create a VPRN [Cont.]
1. Select the Components Tab
2. Select the Site IDs (PE Sites)

participating in the service
3. Click OK
4. Select the Components Tab to view the service sites

Add and configure PE Sites:

Click on the Components Tab then right click on VPRN.
Select Create Site
Select the sites participating in the service.
Click OK
Select the Components Tab to view the service sites.

TOS36013-0807 Issue 1.0
1. Select the Routing Instance

2. Select Properties
3.Give a selected site a Name

and Description

Select the first Routing Instance

Right click and select Properties.
Give the site a Name and a Description.

TOS36013-0807 Issue 1.0
1.Assign values as shown

Click on the Routing tab. This enables us to configure the virtual router instance. Configure the
following properties:
Router id = the system address of the router
AS number = 100
Route Distinguisher Type = Type 0 (use an assigned value as a route distinguisher)
Type 0 Administrative Value = 100
Type 0 Assigned Value = a unique identifier in order to make the network address unique to
this VPRN; 60 is used as an example.

TOS36013-0807 Issue 1.0
1. Assign values as shown

Click on the VRF-Target sub tab and set the VRF route target properties as follows:
VRF Target Type = Define Default
Target Format = AS
Target AS Value = 100
Target Extended Community Value = unique value, which must match each distant end Route
Target Value of the other sites participating in the service in order to allow the population of
network addresses in the VRF; 95 is used as an example.

TOS36013-0807 Issue 1.0
1. Set the transport to

MPLS:LDP
2. Click OK and OK

Click on the Auto-Bind tab and set the Transport to MPLS:LDP. This will enable the use of LDP
signaled LSPs to reach each remote site, rather than SDPs.
Click OK and OK.

TOS36013-0807 Issue 1.0
Layer 3 Access Interfaces
1.Select Access Interfaces

2.Select Create L3 Access Interface
3.Select a Site
4.Give the Layer 3 Access Interface

a Name and Description

In the Components window, select Access Interfaces,

Right click and select on the Create L3 Access Interface. This will add a Layer 3 customer facing
interface to the virtual router on this site for this VPRN instance.
Give the interface a Name and Description.

TOS36013-0807 Issue 1.0
Layer 3 Access Interfaces [Cont.]
1.Choose Select
2.Click OK
3.Click Search
4. Select a Port
5. Click OK

Port Selection
Add a SAP to the interface via the Port tab
In the Port tab, Choose Select in the Terminating Port Region. Click OK.
In the Select Terminating Port window, select Search.

TOS36013-0807 Issue 1.0
1.Select a port
2.Click OK
3.Assign an Outer Encapsulation Value

4.Enter a SAP Description

Outer Encapsulation Value Assignment

In the Port tab, assign the port an Outer Encapsulation Value or use the Auto-Assign ID
feature.
Enter a SAP Description.

TOS36013-0807 Issue 1.0
Configure the IP
address for a specific
site as shown.

IP Address Assignment
Select the Address tab. Click Add. Configure an address on the interface of the specific router.
Note: Unlike IES, it does not matter if customer address spaces overlap on each VPRN service as
the route distinguisher keeps them unique.
In the IP Address window, type in the IP Address and Prefix Length, and click OK, OK, OK, OK.
Repeat all of the previous steps, starting with assigning a Name and Description for the other
site(s) participating in the service. In this example, the other site is node 146.

TOS36013-0807 Issue 1.0
Final Steps
1.Click Apply, Yes

2. Select Topology View

Final Steps
In the Components window, select Apply, Yes and then Topology View to view the newly
created VPRN.

TOS36013-0807 Issue 1.0


Having selected Topology View, the Service Topology window above will appear.
An alternative is to elect Manage Services, search for your VPRN service, select it.
Click on the Topology View button.
View the properties of the service.

TOS36013-0807 Issue 1.0
Questions
?
1. What method does a VPRN service use to differentiate overlapping customer address space?
a. Router target
b. Policies
c. Route Distinguisher
d. Filters
2. Select all CE to PE routing methods or protocols supported on the SR:

a. Static Routes
b. RIP
c. OSPF
d. IS-IS
e. BGP
3. Which two types of Route Distinguisher are used in the SR?

a. IP-Address and Autonomous System Number
b. Router Id and Autonomous System Number
c. IP-Address and Cluster-Id
d. Router-Id and Cluster-Id
4. What method is used to exchange routes between PEs?

a. OSPF
b. RIP
c. Static
d. MP-BGP

TOS36013-0807 Issue 1.0
Answers
1. What method does a VPRN service use to differentiate overlapping customer address space?
a. Router target
b. Policies
c. Route Distinguisher
d. Filters
2. Select all CE to PE routing methods or protocols supported on the SR:

a. Static Routes
b. RIP
c. OSPF
d. IS-IS
e. BGP
3. Which two types of Route Distinguisher are used in the SR?

a. IP-Address and Autonomous System Number
b. Router Id and Autonomous System Number
c. IP-Address and Cluster-Id
d. Router-Id and Cluster-Id
4. What method
Basic Services is used to exchange routes between PEs?
VPRN Configuration
a. OSPF
b. RIP
c. Static
d. MP-BGP

TOS36013-0807 Issue 1.0
End of Module
VPRN Configuration


TOS36013-0807 Issue 1.0
Last Blank Page

This page is left blank intentionally

TOS36013-0807 Issue 1.0

Section 8 Basic Services: Do Not Delete This Graphic Elements in Here

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Section 8 Basic Services: Do Not Delete This Graphic Elements in Here

Uploaded by

Copyright:

Available Formats

Do not delete this graphic elements in here:

All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

Switch to notes view!

852 All Rights Reserved Alcatel-Lucent 2009

Edition Date Author Remarks

01 2009-08-14 GARCIA LOZANO, Ren First edition

All Rights Reserved Alcatel-Lucent 2009

Upon completion of this module, you will be able to:

Describe the operation and benefits of a VPRN service

853 All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

VPRN is a class of VPN that allows the connection of multiple sites in

854 All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

Consistent QoS model used across all VPN services

855 All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

The components of a VPRN VPN are:

All Rights Reserved Alcatel-Lucent 2009

Ensuring Unique Customer Routes

Populating Routes Into VRFs

Forwarding Data Among Customer Sites

5620 SAM 5620 SAM (Service Aware Manager) R7.0 Operator

All Rights Reserved Alcatel-Lucent 2009

858 All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

Tunnel binding depends on the tunnel signaling protocol:

859 All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

Create Specify Service Type

Add a Layer 3 Access Interface to each site

Service Topology View

8 5 11 All Rights Reserved Alcatel-Lucent 2009

VPRN Configuration Workflow

BGP Network Configuration

All Rights Reserved Alcatel-Lucent 2009

8 5 12 All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

1. Select the BGP Routing Instance

3.Verify the Site ID is the

8 5 13 All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

1. Select the AS Properties tab

3.In the VPN tab, enable Family:

8 5 14 All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

1. Select the Group tab

4. Select the AS Properties tab

8 5 15 All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

1. Select the Peer tab

3.Enter the System ID for the other router

8 5 16 All Rights Reserved Alcatel-Lucent 2009

All Rights Reserved Alcatel-Lucent 2009

1. Select the Peer Group from the list

8 5 17 All Rights Reserved Alcatel-Lucent 2009

Select the peer group from the list.

All Rights Reserved Alcatel-Lucent 2009

1. Double click on a Peer

2. Ensure the connection state is Established

8 5 18 All Rights Reserved Alcatel-Lucent 2009