Route Targets
One of the best abstract concepts for engineers, back aboriginal acquirements about MPLS VPNs, is the
concept of Avenue Targets. Understanding the basal catechism of what RTs do is almost easy, but
understanding why MPLS needs RTs and how to best accept the absolute ethics to use for RTs, can
be a affair for continued chat back architecture an MPLS VPN. In fact, MPLS RTs accredit MPLS
to abutment all sorts of circuitous VPN topologies—for example, acceptance some sites to be reachable
from assorted VPNs, a abstraction alleged overlapping VPNs.
PEs acquaint RTs in BGP Updates as BGP Continued Community aisle attributes (PAs). Generally
speaking, BGP continued communities are 8 bytes in length, with the adaptability to be acclimated for a
wide array of purposes. Added specifically, MPLS defines the use of the BGP Extended
Community PA to encode one or added RT values.
RT ethics chase the aforementioned basal architecture as the ethics of an RD. However, agenda that while a
particular prefix can accept alone one RD, that aforementioned prefix can accept one or added RTs assigned to it.
724 Affiliate 19: Multiprotocol Label Switching
To best accept how MPLS uses RTs, aboriginal accede a added accepted analogue of the purpose of
RTs, followed by an archetype of the mechanics by which PEs use the RT:
MPLS uses Avenue Targets to actuate into which VRFs a PE places IBGP-learned
routes.
Figure 19-16 shows a assiduity of the aforementioned archetype in Figures 19-14 and 19-15, now focusing
on how the PEs use the RTs to actuate into which VRFs a avenue is added. In this case, the figure
shows an consign RT—a agreement ambience in VRF agreement mode—with a altered value
configured for VRF-A and VRF-B, respectively. PE1 shows its acceptation RT for anniversary VRF—again a
configuration ambience in VRF agreement mode—which allows PE1 to accept which BGP table
entries it pulls into anniversary VRF’s RIB.
Figure 19-16 The Mechanics of the MPLS Avenue Target
The amount has a lot of details, but the all-embracing breeze of concepts is not awfully difficult. Pay particular
attention to the aftermost two steps. Following the achieve in the figure:
1. The two VRFs on PE2 are configured with an consign RT value.
2. Redistribution out of the VRF into BGP occurs.
3. This footfall artlessly addendum that the consign process—the redistribution out of the VRF into BGP—
sets the adapted RT ethics in PE2’s BGP table.
4. PE2 advertises the routes with IBGP.
NLRI
1:111:10.3.3.0/24
2:222:10.3.3.0/24
BGP Table
Router PE2
RT
1:100
2:200
VRF-A
Next-Hop
192.168.37.7
Prefix
10.3.3.0/24
Label
S0/1/0
Source
RIP
Next-Hop
192.168.38.8
Prefix
10.3.3.0/24
Label
S0/1/1
4
2
1
1
3
3
3
IBGP
Source
RIP
Redist.
2
Redist.
VRF-A
RD 1:111
Export RT 1:100
VRF-B
RD 2:222
Export RT 2:200
VRF-B
BGP
Process
NLRI
1:111:10.3.3.0/24
2:222:10.3.3.0/24
BGP Table
Router PE1
RT
1:100
2:200
VRF-A Routing Table
Next-Hop
3.3.3.3
Prefix
10.3.3.0/24
1
5
5
6
6
Source
RIP
Next-Hop
3.3.3.3
Prefix
10.3.3.0/24
Source
BGP
VRF-A
RD 1:111
Import RT 1:100
VRF-B
RD 2:222
Import RT 2:200
VRF-B Routing Table
MPLS VPNs 725
5. PE1 examines the new BGP table entries and compares the RT ethics to the configured import
RT values, which identifies which BGP table entries should go into which VRF.
6. PE1 redistributes routes into the corresponding VRFs, accurately the routes whose RTs match
the acceptation RT configured in the VRFs, respectively.
Each VRF needs to consign and acceptation at atomic one RT. The archetype in Amount 19-16 shows only
one direction: exporting on the appropriate (PE2) and importing on the larboard (PE1). However, PE2 needs
to apperceive the routes for the subnets affiliated to CE-A1 and CE-B1, so PE1 needs to apprentice those
routes from the CEs, redistribute them into BGP with some exported RT value, and acquaint them
to PE2 application IBGP, with PE2 again importing the actual routes (based on PE2’s acceptation RTs) into
PE2’s VRFs.
In fact, for simple VPN implementations, in which anniversary VPN consists of all sites for a single
customer, best configurations artlessly use a distinct RT value, with anniversary VRF for a chump both
importing and exporting that RT value.
Overlapping VPNs
MPLS can abutment overlapping VPNs by advantage of the RT concept. An overlapping VPN occurs
when at atomic one CE armpit needs to be attainable by CEs in altered VPNs.
Many variations of overlapping VPNs exist. An SP may accommodate casework to abounding customers, so
the SP absolutely accouterments CE sites that charge to be accomplished by a subset of customers. Some SP
customers may appetite connectivity to one of their ally through the MPLS network—for
example, chump A may appetite some of its sites to be able to accelerate packets to some of customer
B’s sites.
Regardless of the business goals, the RT abstraction allows an MPLS arrangement to aperture routes from
multiple VPNs into a accurate VRF. BGP supports the accession of assorted Continued Community
PAs to anniversary BGP table entry. By accomplishing so, a distinct prefix can be exported with one RT that
essentially agency “make abiding all VRFs in VPN-A accept this route,” while allotment accession RT
value to that aforementioned prefix—an RT that agency “leak this avenue into the VRFs of some overlapping
VPN.”
NOTE It is sometimes accessible to anticipate of the appellation consign to beggarly “redistribute out of the VRF
into BGP” and the appellation acceptation to beggarly “redistribute into the VRF from BGP.”
NOTE The examples in this affiliate appearance altered numbers for the RD and RT values, so that
it is bright what anniversary cardinal represents. In practice, you can set a VRF’s RD and one of its RTs
to the aforementioned value.
Figure 19-17 shows an archetype of the concepts abaft overlapping MPLS VPNs, in particular, a
design alleged a axial casework VPN. As usual, all chump A sites can accelerate packets to all other
customer A sites, and all chump B sites can accelerate packets to all added chump B sites. Also,
none of the chump A sites can acquaint with the chump B sites. However, in accession to
these accepted conventions, CE-A1 and CE-B2 can acquaint with CE-Serv, which connects to a
set of centralized servers.
Figure 19-17 Axial Casework VPN
To achieve these architecture goals, anniversary PE needs several VRFs, with several VRFs exporting and
importing assorted RTs. For example, PE1 needs two VRFs to abutment chump A—one VRF that
just imports routes for chump A, and a additional VRF that imports chump A routes as able-bodied as
routes to ability the axial casework VPN. Similarly, PE2 needs a VRF for the axial casework VPN,
which needs to acceptation some of the routes in VPN-A and VPN-B.
CE-A1
CE-A4
CE-B1
Customer A
Customer B
CE-Serv
Subnet
Centralized 10.4.4.0/24
Servers
CE-A2
Customer A
Subnet
10.3.3.0/24
CE-B2
Customer B
Subnet
10.3.3.0/24
PE1 PE2