RD value of a VPN instance on S series switches

2

Traditional BGP cannot process the VPN routes that have overlapping address spaces. Assume that both VPN1 and VPN2 use addresses on the network segment 10.110.10.0/24, and each of them advertises a route destined for this network segment. The local PE identifies the two VPN routes based on VPN instances and sends them to the remote PE. Because routes from different VPNs cannot work in load-balancing mode, the remote PE adds only one of the two routes based on BGP route selection rules. As a result, the route to the other VPN is lost.
To ensure that VPN routes of VPNs with overlapping address spaces are correctly processed, PE devices use MP-BGP to advertise VPN routes and use the VPN-IPv4 address family to identify the routes.
RDs distinguish the IPv4 prefixes with the same address space. IPv4 addresses with RDs are VPN-IPv4 addresses (VPNv4 addresses). After receiving IPv4 routes from a CE, a PE converts the routes to globally unique VPN-IPv4 routes and advertises the routes on the public network.
The following is a configuration example:
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 200:1
vpn-target 111:1 export-extcommunity
vpn-target 111:1 import-extcommunity
#

Other related questions:
VPN instance configuration on S series switch
For the configuration of BGP/MPLS IP VPN: On the S12700, see Example for Configuring BGP/MPLS IP VPN in the S12700 Typical Configuration Examples. On the S1720&S2700&S3700&S5700&S6700&S7700&S9700, see Example for Configuring BGP/MPLS IP VPN in the S1720&S2700&S3700&S5700&S6700&S7700&S9700 Typical Configuration Examples. On the S9300, see Example for Configuring BGP/MPLS IP VPN in the Sx300 Series Switches Typical Configuration Examples.

On an S series switch, can the interface bound to a VPN instance be connected to a device
Yes. On an S series switch, the interface bound to a VPN instance can be connected to a device

How to bind interfaces to VPN instances on a CE series switch
Configure a VPN instance, configure the route distinguisher (RD) and VPN-target extended community attributes for the IPv4 address family, and bind an interface to the VPN instance in the interface view.
# Configure a VPN instance and enable the IPv4 address family in the VPN instance.
system-view
[~HUAWEI] ip vpn-instance vpna
[*HUAWEI-vpn-instance-vpna] ipv4-family
[*HUAWEI-vpn-instance-vpna-af-ipv4] # Configure an RD for the VPN instance IPv4 address family.
[*HUAWEI-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1
# Configure the VPN-target extended community attribute for the VPN instance IPv4 address family.
[*HUAWEI-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
[*HUAWEI-vpn-instance-vpna-af-ipv4] quit
[*HUAWEI-vpn-instance-vpna] quit
[*HUAWEI] commit
# Bind an interface to the VPN instance.
[~HUAWEI] interface vlanif 100
[*HUAWEI-Vlanif100] ip binding vpn-instance vpna
[*HUAWEI-Vlanif100] ip address 10.1.1.1 24
[*HUAWEI-Vlanif100] quit
[*HUAWEI] commit

What is MPLS VPN on S series switches
MPLS VPN on S series switches (except S1700 switches): The BGP/MPLS IP VPN model consists of the following parts: Customer Edge (CE): an edge device on a customer network. A CE provides interfaces that are directly connected to an SP network. A CE can be a router, switch, or host. In most cases, CEs cannot detect VPNs and do not need to support MPLS. Provider Edge (PE): an edge device on an SP network, which is directly connected to a CE. On the MPLS network, all handlings related to the VPN are performed on a PE, so the requirement on the PE performance is high. Provider (P): a backbone device on an SP network, which is not directly connected to CEs. A P device only needs to provide basic MPLS forwarding capabilities, without maintaining VPN information. PEs and Ps are managed by SPs. CEs are managed by users unless the users entrust CE management to SPs. A PE can be connected to multiple CEs. A CE can be connected to multiple PEs of the same SP or of different SPs.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top